File: 904_security_htpasswd_user_buffer_overflow

package info (click to toggle)
apache 1.3.34-4.1
  • links: PTS
  • area: main
  • in suites: etch-m68k
  • size: 4,800 kB
  • ctags: 90
  • sloc: sh: 1,273; makefile: 685; perl: 215
file content (19 lines) | stat: -rw-r--r-- 717 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
 
--- build-tree/apache_1.3.34/src/support/htpasswd.c	2004-11-13 04:52:08.000000000 -0700
+++ build-tree/apache_1.3.34/src/support/htpasswd.c	2004-11-13 04:53:44.000000000 -0700
@@ -414,11 +414,11 @@
 	    return ERR_OVERFLOW;
 	}
 	strcpy(pwfilename, argv[i]);
-	if (strlen(argv[i + 1]) > (sizeof(user) - 1)) {
-	    fprintf(stderr, "%s: username too long (>%lu)\n", argv[0],
-		    (unsigned long)(sizeof(user) - 1));
-	    return ERR_OVERFLOW;
-	}
+    }
+    if (strlen(argv[i + 1]) > (sizeof(user) - 1)) {
+	fprintf(stderr, "%s: username too long (>%lu)\n", argv[0],
+		(unsigned long)(sizeof(user) - 1));
+	return ERR_OVERFLOW;
     }
     strcpy(user, argv[i + 1]);
     if ((arg = strchr(user, ':')) != NULL) {