mirror of
https://github.com/curl/curl.git
synced 2024-11-21 01:16:58 +08:00
Jean Jacques Drouin pointed out that you could only have a user name or
password of 127 bytes or less embedded in a URL, where actually the code uses a 255 byte buffer for it! Modified now to use the full buffer size.
This commit is contained in:
parent
fea5ddf585
commit
6dbfce1031
8
CHANGES
8
CHANGES
@ -8,6 +8,14 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Daniel (16 December 2005)
|
||||||
|
- Jean Jacques Drouin pointed out that you could only have a user name or
|
||||||
|
password of 127 bytes or less embedded in a URL, where actually the code
|
||||||
|
uses a 255 byte buffer for it! Modified now to use the full buffer size.
|
||||||
|
|
||||||
|
Daniel (12 December 2005)
|
||||||
|
- Dov Murik corrected the HTTP_ONLY define to disable the TFTP support properly
|
||||||
|
|
||||||
Version 7.15.1 (7 December 2005)
|
Version 7.15.1 (7 December 2005)
|
||||||
|
|
||||||
Daniel (6 December 2005)
|
Daniel (6 December 2005)
|
||||||
|
@ -15,14 +15,16 @@ This release includes the following changes:
|
|||||||
|
|
||||||
This release includes the following bugfixes:
|
This release includes the following bugfixes:
|
||||||
|
|
||||||
o
|
o supports name and passwords up to 255 bytes long, embedded in URLs
|
||||||
|
o the HTTP_ONLY define disables the TFTP support
|
||||||
|
|
||||||
Other curl-related news since the previous public release:
|
Other curl-related news since the previous public release:
|
||||||
|
|
||||||
o
|
o http://curl.hkmirror.org/ is a new curl web mirror in Hong Kong
|
||||||
|
|
||||||
This release would not have looked like this without help, code, reports and
|
This release would not have looked like this without help, code, reports and
|
||||||
advice from friends like these:
|
advice from friends like these:
|
||||||
|
|
||||||
|
Dov Murik, Jean Jacques Drouin
|
||||||
|
|
||||||
Thanks! (and sorry if I forgot to mention someone)
|
Thanks! (and sorry if I forgot to mention someone)
|
||||||
|
@ -3166,12 +3166,13 @@ static CURLcode CreateConnection(struct SessionHandle *data,
|
|||||||
|
|
||||||
if(*userpass != ':') {
|
if(*userpass != ':') {
|
||||||
/* the name is given, get user+password */
|
/* the name is given, get user+password */
|
||||||
sscanf(userpass, "%127[^:@]:%127[^@]",
|
sscanf(userpass, "%" MAX_CURL_USER_LENGTH_TXT "[^:@]:"
|
||||||
|
"%" MAX_CURL_PASSWORD_LENGTH_TXT "[^@]",
|
||||||
user, passwd);
|
user, passwd);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
/* no name given, get the password only */
|
/* no name given, get the password only */
|
||||||
sscanf(userpass, ":%127[^@]", passwd);
|
sscanf(userpass, ":%" MAX_CURL_PASSWORD_LENGTH_TXT "[^@]", passwd);
|
||||||
|
|
||||||
if(user[0]) {
|
if(user[0]) {
|
||||||
char *newname=curl_unescape(user, 0);
|
char *newname=curl_unescape(user, 0);
|
||||||
|
Loading…
Reference in New Issue
Block a user