diff options
| author | Denis Vlasenko <vda.linux@googlemail.com> | 2007-06-30 15:06:45 +0000 |
|---|---|---|
| committer | Denis Vlasenko <vda.linux@googlemail.com> | 2007-06-30 15:06:45 +0000 |
| commit | 32a66a8e93626df3e1fa9dcee0a6046033c4c692 (patch) | |
| tree | 1fffc5013ec5bd9a69c45640c7cdba6c9459d705 | |
| parent | 4bbeebd6668338ddf821e48010e79e3bd2eed4a7 (diff) | |
| download | busybox-w32-32a66a8e93626df3e1fa9dcee0a6046033c4c692.tar.gz busybox-w32-32a66a8e93626df3e1fa9dcee0a6046033c4c692.tar.bz2 busybox-w32-32a66a8e93626df3e1fa9dcee0a6046033c4c692.zip | |
wget: fix buffer overflow in HTTP auth
| -rw-r--r-- | networking/wget.c | 4 | ||||
| -rw-r--r-- | shell/Config.in | 4 |
2 files changed, 6 insertions, 2 deletions
diff --git a/networking/wget.c b/networking/wget.c index 2c060d77d..c06a09d72 100644 --- a/networking/wget.c +++ b/networking/wget.c | |||
| @@ -267,11 +267,11 @@ int wget_main(int argc, char **argv) | |||
| 267 | #if ENABLE_FEATURE_WGET_AUTHENTICATION | 267 | #if ENABLE_FEATURE_WGET_AUTHENTICATION |
| 268 | if (target.user) { | 268 | if (target.user) { |
| 269 | fprintf(sfp, "Authorization: Basic %s\r\n", | 269 | fprintf(sfp, "Authorization: Basic %s\r\n", |
| 270 | base64enc((unsigned char*)target.user, buf, sizeof(buf))); | 270 | base64enc((unsigned char*)target.user, buf, strlen(target.user))); |
| 271 | } | 271 | } |
| 272 | if (use_proxy && server.user) { | 272 | if (use_proxy && server.user) { |
| 273 | fprintf(sfp, "Proxy-Authorization: Basic %s\r\n", | 273 | fprintf(sfp, "Proxy-Authorization: Basic %s\r\n", |
| 274 | base64enc((unsigned char*)server.user, buf, sizeof(buf))); | 274 | base64enc((unsigned char*)server.user, buf, strlen(server.user))); |
| 275 | } | 275 | } |
| 276 | #endif | 276 | #endif |
| 277 | 277 | ||
diff --git a/shell/Config.in b/shell/Config.in index 90479013e..0689b4ec2 100644 --- a/shell/Config.in +++ b/shell/Config.in | |||
| @@ -179,6 +179,7 @@ config HUSH | |||
| 179 | config HUSH_HELP | 179 | config HUSH_HELP |
| 180 | bool "help builtin" | 180 | bool "help builtin" |
| 181 | default n | 181 | default n |
| 182 | depends on HUSH | ||
| 182 | help | 183 | help |
| 183 | Enable help builtin in hush. Code size + ~1 kbyte. | 184 | Enable help builtin in hush. Code size + ~1 kbyte. |
| 184 | 185 | ||
| @@ -206,18 +207,21 @@ config HUSH_JOB | |||
| 206 | config HUSH_TICK | 207 | config HUSH_TICK |
| 207 | bool "Process substitution" | 208 | bool "Process substitution" |
| 208 | default n | 209 | default n |
| 210 | depends on HUSH | ||
| 209 | help | 211 | help |
| 210 | Enable process substitution `command` and $(command) in hush. | 212 | Enable process substitution `command` and $(command) in hush. |
| 211 | 213 | ||
| 212 | config HUSH_IF | 214 | config HUSH_IF |
| 213 | bool "Support if/then/elif/else/fi" | 215 | bool "Support if/then/elif/else/fi" |
| 214 | default n | 216 | default n |
| 217 | depends on HUSH | ||
| 215 | help | 218 | help |
| 216 | Enable if/then/elif/else/fi in hush. | 219 | Enable if/then/elif/else/fi in hush. |
| 217 | 220 | ||
| 218 | config HUSH_LOOPS | 221 | config HUSH_LOOPS |
| 219 | bool "Support for, while and until loops" | 222 | bool "Support for, while and until loops" |
| 220 | default n | 223 | default n |
| 224 | depends on HUSH | ||
| 221 | help | 225 | help |
| 222 | Enable for, while and until loops in hush. | 226 | Enable for, while and until loops in hush. |
| 223 | 227 | ||