From a5b6f91e8d631c5750b1b883dd812576fd930c3c Mon Sep 17 00:00:00 2001 From: Marc Hoersken Date: Sat, 6 Oct 2012 15:47:14 +0200 Subject: curl_schannel.c: Fixed caching more data than required Do not fill the decrypted data buffer with more data unless required in order to return the requested amount of data. --- lib/curl_schannel.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/curl_schannel.c b/lib/curl_schannel.c index f57dc1f4d..75fa071ce 100644 --- a/lib/curl_schannel.c +++ b/lib/curl_schannel.c @@ -863,7 +863,8 @@ schannel_recv(struct connectdata *conn, int sockindex, connssl->encdata_offset, connssl->encdata_length); /* check if we still have some data in our buffers */ - while(connssl->encdata_offset > 0 && sspi_status == SEC_E_OK) { + while(connssl->encdata_offset > 0 && sspi_status == SEC_E_OK && + connssl->decdata_offset < len) { /* prepare data buffer for DecryptMessage call */ InitSecBuffer(&inbuf[0], SECBUFFER_DATA, connssl->encdata_buffer, curlx_uztoul(connssl->encdata_offset)); @@ -970,6 +971,9 @@ schannel_recv(struct connectdata *conn, int sockindex, } } + infof(data, "schannel: decrypted data buffer: offset %zu length %zu\n", + connssl->decdata_offset, connssl->decdata_length); + /* copy requested decrypted data to supplied buffer */ size = len < connssl->decdata_offset ? len : connssl->decdata_offset; if(size > 0) { @@ -980,6 +984,10 @@ schannel_recv(struct connectdata *conn, int sockindex, memmove(connssl->decdata_buffer, connssl->decdata_buffer + size, connssl->decdata_offset - size); connssl->decdata_offset -= size; + + infof(data, "schannel: decrypted data returned %zd\n", size); + infof(data, "schannel: decrypted data buffer: offset %zu length %zu\n", + connssl->decdata_offset, connssl->decdata_length); } /* check if the server closed the connection */ -- cgit v1.2.3