curl: make checkpasswd use dynbuf

Closes #5952
This commit is contained in:
Daniel Stenberg 2020-09-11 11:20:07 +02:00
parent 70a3b003d9
commit a167949848
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2

View File

@ -413,6 +413,7 @@ ParameterError str2offset(curl_off_t *val, const char *str)
return PARAM_BAD_NUMERIC;
}
#define MAX_USERPWDLENGTH (100*1024)
static CURLcode checkpasswd(const char *kind, /* for what purpose */
const size_t i, /* operation index */
const bool last, /* TRUE if last operation */
@ -432,12 +433,11 @@ static CURLcode checkpasswd(const char *kind, /* for what purpose */
if(!psep && **userpwd != ';') {
/* no password present, prompt for one */
char passwd[256] = "";
char passwd[2048] = "";
char prompt[256];
size_t passwdlen;
size_t userlen = strlen(*userpwd);
char *passptr;
struct curlx_dynbuf dyn;
curlx_dyn_init(&dyn, MAX_USERPWDLENGTH);
if(osep)
*osep = '\0';
@ -453,22 +453,15 @@ static CURLcode checkpasswd(const char *kind, /* for what purpose */
/* get password */
getpass_r(prompt, passwd, sizeof(passwd));
passwdlen = strlen(passwd);
if(osep)
*osep = ';';
/* extend the allocated memory area to fit the password too */
passptr = realloc(*userpwd,
passwdlen + 1 + /* an extra for the colon */
userlen + 1); /* an extra for the zero */
if(!passptr)
if(curlx_dyn_addf(&dyn, "%s:%s", *userpwd, passwd))
return CURLE_OUT_OF_MEMORY;
/* append the password separated with a colon */
passptr[userlen] = ':';
memcpy(&passptr[userlen + 1], passwd, passwdlen + 1);
*userpwd = passptr;
/* return the new string */
free(*userpwd);
*userpwd = curlx_dyn_ptr(&dyn);
}
return CURLE_OK;