mirror of
https://github.com/curl/curl.git
synced 2026-04-14 22:11:45 +03:00
lib: reduce memcpy calls
socks_gssapi: the malloc + memcpy was superflous and can be skipped cleartext: avoid malloc + three memcpy with aprintf() digest_sspi: use memdup0 instead of malloc + memcpy vtls: use memdup0 instead of malloc + memcpy Closes #19282
This commit is contained in:
Daniel Stenberg
parent
fbc4d59151
commit
80258309b2
4 changed files with 22 additions and 53 deletions
|
|
@ -126,7 +126,6 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
gss_name_t server = GSS_C_NO_NAME;
|
||||
gss_name_t gss_client_name = GSS_C_NO_NAME;
|
||||
unsigned short us_length;
|
||||
char *user = NULL;
|
||||
unsigned char socksreq[4]; /* room for GSS-API exchange header only */
|
||||
const char *serviceptr = data->set.str[STRING_PROXY_SERVICE_NAME] ?
|
||||
data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd";
|
||||
|
|
@ -327,21 +326,12 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
failf(data, "Failed to determine username.");
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
user = malloc(gss_send_token.length + 1);
|
||||
if(!user) {
|
||||
Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL);
|
||||
gss_release_name(&gss_status, &gss_client_name);
|
||||
gss_release_buffer(&gss_status, &gss_send_token);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
memcpy(user, gss_send_token.value, gss_send_token.length);
|
||||
user[gss_send_token.length] = '\0';
|
||||
infof(data, "SOCKS5 server authenticated user %.*s with GSS-API.",
|
||||
(int)gss_send_token.length, (char *)gss_send_token.value);
|
||||
|
||||
gss_release_name(&gss_status, &gss_client_name);
|
||||
gss_release_buffer(&gss_status, &gss_send_token);
|
||||
infof(data, "SOCKS5 server authenticated user %s with GSS-API.",user);
|
||||
free(user);
|
||||
user = NULL;
|
||||
|
||||
/* Do encryption */
|
||||
socksreq[0] = 1; /* GSS-API subnegotiation version */
|
||||
|
|
|
|||
|
|
@ -62,35 +62,24 @@ CURLcode Curl_auth_create_plain_message(const char *authzid,
|
|||
const char *passwd,
|
||||
struct bufref *out)
|
||||
{
|
||||
char *plainauth;
|
||||
size_t plainlen;
|
||||
size_t zlen;
|
||||
size_t clen;
|
||||
size_t plen;
|
||||
size_t len;
|
||||
char *auth;
|
||||
|
||||
zlen = (authzid == NULL ? 0 : strlen(authzid));
|
||||
clen = strlen(authcid);
|
||||
plen = strlen(passwd);
|
||||
size_t zlen = (authzid == NULL ? 0 : strlen(authzid));
|
||||
size_t clen = strlen(authcid);
|
||||
size_t plen = strlen(passwd);
|
||||
|
||||
/* Compute binary message length. Check for overflows. */
|
||||
if((zlen > SIZE_MAX/4) || (clen > SIZE_MAX/4) ||
|
||||
(plen > (SIZE_MAX/2 - 2)))
|
||||
if((zlen > CURL_MAX_INPUT_LENGTH) || (clen > CURL_MAX_INPUT_LENGTH) ||
|
||||
(plen > CURL_MAX_INPUT_LENGTH))
|
||||
return CURLE_TOO_LARGE;
|
||||
|
||||
len = zlen + clen + plen + 2;
|
||||
|
||||
auth = curl_maprintf("%s%c%s%c%s", authzid ? authzid : "", '\0',
|
||||
authcid, '\0', passwd);
|
||||
if(!auth)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
plainlen = zlen + clen + plen + 2;
|
||||
|
||||
plainauth = malloc(plainlen + 1);
|
||||
if(!plainauth)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
|
||||
/* Calculate the reply */
|
||||
if(zlen)
|
||||
memcpy(plainauth, authzid, zlen);
|
||||
plainauth[zlen] = '\0';
|
||||
memcpy(plainauth + zlen + 1, authcid, clen);
|
||||
plainauth[zlen + clen + 1] = '\0';
|
||||
memcpy(plainauth + zlen + clen + 2, passwd, plen);
|
||||
plainauth[plainlen] = '\0';
|
||||
Curl_bufref_set(out, plainauth, plainlen, curl_free);
|
||||
Curl_bufref_set(out, auth, len, curl_free);
|
||||
return CURLE_OK;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -629,24 +629,15 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
|||
Curl_sspi_free_identity(p_identity);
|
||||
}
|
||||
|
||||
resp = malloc(output_token_len + 1);
|
||||
resp = Curl_memdup0((const char *)output_token, output_token_len);
|
||||
free(output_token);
|
||||
if(!resp) {
|
||||
free(output_token);
|
||||
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
/* Copy the generated response */
|
||||
memcpy(resp, output_token, output_token_len);
|
||||
resp[output_token_len] = 0;
|
||||
|
||||
/* Return the response */
|
||||
*outptr = resp;
|
||||
*outlen = output_token_len;
|
||||
|
||||
/* Free the response buffer */
|
||||
free(output_token);
|
||||
|
||||
return CURLE_OK;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -75,6 +75,7 @@
|
|||
#include "../select.h"
|
||||
#include "../setopt.h"
|
||||
#include "../rand.h"
|
||||
#include "../strdup.h"
|
||||
|
||||
#ifdef USE_APPLE_SECTRUST
|
||||
#include <Security/Security.h>
|
||||
|
|
@ -2060,11 +2061,9 @@ CURLcode Curl_alpn_set_negotiated(struct Curl_cfilter *cf,
|
|||
result = CURLE_SSL_CONNECT_ERROR;
|
||||
goto out;
|
||||
}
|
||||
connssl->negotiated.alpn = malloc(proto_len + 1);
|
||||
connssl->negotiated.alpn = Curl_memdup0((const char *)proto, proto_len);
|
||||
if(!connssl->negotiated.alpn)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
memcpy(connssl->negotiated.alpn, proto, proto_len);
|
||||
connssl->negotiated.alpn[proto_len] = 0;
|
||||
}
|
||||
|
||||
if(proto && proto_len) {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue