* src/http-ntlm.c (ntlm_input): Replace alloca by fixed length array

2025-01-05 09:50:27 +08:00 · 2020-02-12 16:44:59 +01:00 · 2020-02-12 16:44:59 +01:00 · 1ebd88063d
commit 1ebd88063d
parent c65c23cfc7
1 changed files with 3 additions and 3 deletions
--- a/src/http-ntlm.c
+++ b/src/http-ntlm.c
@ -118,17 +118,17 @@ ntlm_input (struct ntlmdata *ntlm, const char *header)
         32 (48) start of data block
      */
      ssize_t size;
-      char *buffer = (char *) alloca (strlen (header));
+      char buffer[48]; // decode 48 bytes needs ((48 + 2) / 3) * 4 + 1 bytes

      DEBUGP (("Received a type-2 NTLM message.\n"));

-      size = wget_base64_decode (header, buffer, strlen (header));
+      size = wget_base64_decode (header, buffer, sizeof (buffer));
      if (size < 0)
        return false;           /* malformed base64 from server */

      ntlm->state = NTLMSTATE_TYPE2; /* we got a type-2 */

-      if (size >= 48)
+      if ((size_t) size >= sizeof (buffer))
        /* the nonce of interest is index [24 .. 31], 8 bytes */
        memcpy (ntlm->nonce, &buffer[24], 8);