svn commit: branches/busybox_1_6_stable: networking shell
vda at busybox.net
vda at busybox.net
Sat Jun 30 15:06:47 UTC 2007
Author: vda
Date: 2007-06-30 08:06:45 -0700 (Sat, 30 Jun 2007)
New Revision: 18976
Log:
wget: fix buffer overflow in HTTP auth
Modified:
branches/busybox_1_6_stable/networking/wget.c
branches/busybox_1_6_stable/shell/Config.in
Changeset:
Modified: branches/busybox_1_6_stable/networking/wget.c
===================================================================
--- branches/busybox_1_6_stable/networking/wget.c 2007-06-30 14:47:41 UTC (rev 18975)
+++ branches/busybox_1_6_stable/networking/wget.c 2007-06-30 15:06:45 UTC (rev 18976)
@@ -267,11 +267,11 @@
#if ENABLE_FEATURE_WGET_AUTHENTICATION
if (target.user) {
fprintf(sfp, "Authorization: Basic %s\r\n",
- base64enc((unsigned char*)target.user, buf, sizeof(buf)));
+ base64enc((unsigned char*)target.user, buf, strlen(target.user)));
}
if (use_proxy && server.user) {
fprintf(sfp, "Proxy-Authorization: Basic %s\r\n",
- base64enc((unsigned char*)server.user, buf, sizeof(buf)));
+ base64enc((unsigned char*)server.user, buf, strlen(server.user)));
}
#endif
Modified: branches/busybox_1_6_stable/shell/Config.in
===================================================================
--- branches/busybox_1_6_stable/shell/Config.in 2007-06-30 14:47:41 UTC (rev 18975)
+++ branches/busybox_1_6_stable/shell/Config.in 2007-06-30 15:06:45 UTC (rev 18976)
@@ -179,6 +179,7 @@
config HUSH_HELP
bool "help builtin"
default n
+ depends on HUSH
help
Enable help builtin in hush. Code size + ~1 kbyte.
@@ -206,18 +207,21 @@
config HUSH_TICK
bool "Process substitution"
default n
+ depends on HUSH
help
Enable process substitution `command` and $(command) in hush.
config HUSH_IF
bool "Support if/then/elif/else/fi"
default n
+ depends on HUSH
help
Enable if/then/elif/else/fi in hush.
config HUSH_LOOPS
bool "Support for, while and until loops"
default n
+ depends on HUSH
help
Enable for, while and until loops in hush.
More information about the busybox-cvs
mailing list