diff options
Diffstat (limited to 'lib/curl_ntlm_core.c')
-rw-r--r-- | lib/curl_ntlm_core.c | 18 |
1 files changed, 5 insertions, 13 deletions
diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c index 0eefb1587..9a075ac90 100644 --- a/lib/curl_ntlm_core.c +++ b/lib/curl_ntlm_core.c @@ -9,7 +9,7 @@ * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms - * are also available at https://curl.haxx.se/docs/copyright.html. + * are also available at https://curl.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is @@ -22,7 +22,7 @@ #include "curl_setup.h" -#if defined(USE_NTLM) +#if defined(USE_CURL_NTLM_CORE) /* * NTLM details: @@ -50,8 +50,6 @@ in NTLM type-3 messages. */ -#if !defined(USE_WINDOWS_SSPI) || defined(USE_WIN32_CRYPTO) - #if defined(USE_OPENSSL) || defined(USE_WOLFSSL) #ifdef USE_WOLFSSL @@ -582,15 +580,11 @@ CURLcode Curl_ntlm_core_mk_ntlmv2_hash(const char *user, size_t userlen, unsigned char *identity; CURLcode result = CURLE_OK; - /* we do the length checks below separately to avoid integer overflow risk - on extreme data lengths */ - if((userlen > SIZE_T_MAX/2) || - (domlen > SIZE_T_MAX/2) || - ((userlen + domlen) > SIZE_T_MAX/2)) + if((userlen > CURL_MAX_INPUT_LENGTH) || (domlen > CURL_MAX_INPUT_LENGTH)) return CURLE_OUT_OF_MEMORY; identity_len = (userlen + domlen) * 2; - identity = malloc(identity_len); + identity = malloc(identity_len + 1); if(!identity) return CURLE_OUT_OF_MEMORY; @@ -744,6 +738,4 @@ CURLcode Curl_ntlm_core_mk_lmv2_resp(unsigned char *ntlmv2hash, #endif /* USE_NTRESPONSES */ -#endif /* !USE_WINDOWS_SSPI || USE_WIN32_CRYPTO */ - -#endif /* USE_NTLM */ +#endif /* USE_CURL_NTLM_CORE */ |