17 lines
412 B
Diff
17 lines
412 B
Diff
--- libhttpd.c
|
|
+++ libhttpd.c
|
|
@@ -1044,10 +1044,12 @@
|
|
}
|
|
|
|
/* Decode it. */
|
|
+ memset(authinfo, 0, sizeof(authinfo));
|
|
l = b64_decode(
|
|
&(hc->authorization[6]), (unsigned char*) authinfo,
|
|
sizeof(authinfo) - 1 );
|
|
- authinfo[l] = '\0';
|
|
+ authinfo[sizeof(authinfo)-1] = '\0';
|
|
+
|
|
/* Split into user and password. */
|
|
authpass = strchr( authinfo, ':' );
|
|
if ( authpass == (char*) 0 )
|