From 45a2240ead02333e6ddf988af33e0093dbbfcd10 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 29 Nov 2007 22:14:48 +0000 Subject: [PATCH] A bug report on the curl-library list showed a HTTP Digest session going on with a 700+ letter nonce. Previously libcurl only support 127 letter ones and now I bumped it to 1023. --- lib/http_digest.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/http_digest.c b/lib/http_digest.c index 595ebf0..e5efd3e 100644 --- a/lib/http_digest.c +++ b/lib/http_digest.c @@ -90,19 +90,19 @@ CURLdigest Curl_input_digest(struct connectdata *conn, Curl_digest_cleanup_one(d); while(more) { - char value[32]; - char content[128]; + char value[256]; + char content[1024]; size_t totlen=0; while(*header && ISSPACE(*header)) header++; /* how big can these strings be? */ - if((2 == sscanf(header, "%31[^=]=\"%127[^\"]\"", + if((2 == sscanf(header, "%255[^=]=\"%1023[^\"]\"", value, content)) || /* try the same scan but without quotes around the content but don't include the possibly trailing comma, newline or carriage return */ - (2 == sscanf(header, "%31[^=]=%127[^\r\n,]", + (2 == sscanf(header, "%255[^=]=%1023[^\r\n,]", value, content)) ) { if(strequal(value, "nonce")) { d->nonce = strdup(content); -- 2.7.4