A bug report on the curl-library list showed a HTTP Digest session going on

author Daniel Stenberg <daniel@haxx.se>

Thu, 29 Nov 2007 22:14:48 +0000 (22:14 +0000)

committer Daniel Stenberg <daniel@haxx.se>

Thu, 29 Nov 2007 22:14:48 +0000 (22:14 +0000)
author Daniel Stenberg <daniel@haxx.se>
Thu, 29 Nov 2007 22:14:48 +0000 (22:14 +0000)
committer Daniel Stenberg <daniel@haxx.se>
Thu, 29 Nov 2007 22:14:48 +0000 (22:14 +0000)
diff --git a/lib/http_digest.c b/lib/http_digest.c

index 595ebf0..e5efd3e 100644 (file)
--- a/lib/http_digest.c
+++ b/lib/http_digest.c
@@ -90,19 +90,19 @@ CURLdigest Curl_input_digest(struct connectdata *conn,
      Curl_digest_cleanup_one(d);
  
      while(more) {
-      char value[32];
-      char content[128];
+      char value[256];
+      char content[1024];
        size_t totlen=0;
  
        while(*header && ISSPACE(*header))
          header++;
  
        /* how big can these strings be? */
-      if((2 == sscanf(header, "%31[^=]=\"%127[^\"]\"",
+      if((2 == sscanf(header, "%255[^=]=\"%1023[^\"]\"",
                        value, content)) ||
           /* try the same scan but without quotes around the content but don't
              include the possibly trailing comma, newline or carriage return */
-         (2 ==  sscanf(header, "%31[^=]=%127[^\r\n,]",
+         (2 ==  sscanf(header, "%255[^=]=%1023[^\r\n,]",
                         value, content)) ) {
          if(strequal(value, "nonce")) {
            d->nonce = strdup(content);
author	Daniel Stenberg <daniel@haxx.se>
	Thu, 29 Nov 2007 22:14:48 +0000 (22:14 +0000)
committer	Daniel Stenberg <daniel@haxx.se>
	Thu, 29 Nov 2007 22:14:48 +0000 (22:14 +0000)