[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libmicrohttpd] Re: libmicrohttpd question
From: |
Christian Grothoff |
Subject: |
[libmicrohttpd] Re: libmicrohttpd question |
Date: |
Wed, 7 Jul 2010 19:35:58 +0200 |
User-agent: |
KMail/1.9.9 |
Am Tuesday 06 July 2010 15:30:46 schrieb Dmitriy Vasil'ev:
> Dear sir,
>
> in the example of basic authentification I see (p.17 of the tutorial.pdf or
> libmicrohttpd-0.4.6\doc\examples\basicauthentication.c, lines from 66 to 84
> ):
>
> char *expected_b64, *expected;
> int authenticated;
> ...
> strcpy (expected, username);
> strcat (expected, ":");
> strcat (expected, password);
> expected_b64 = string_to_base64 (expected);
> if (NULL == expected_b64) return 0;
> strcpy (expected, strbase); <-------- why?
> authenticated = (strcmp (headervalue + strlen (strbase), expected_b64) ==
> 0); free (expected_b64);
> return authenticated;
>
> Why you do: strcpy (expected, strbase);?
> Why you do not free memory for variable "expected"?
> Is this bugs or this is correct?
As far as I can see, you are totally right and these are bugs (I didn't write
the code, but there is clearly no reason for both of the things you
describe). I've fixed the issues in SVN 12179 (I hope ;-)).
Best,
Christian
- [libmicrohttpd] Re: libmicrohttpd question,
Christian Grothoff <=
- Message not available
- Message not available