From fdddab0c61c55c25d4218d4370e2b16a7936a794 Mon Sep 17 00:00:00 2001 From: Denis Vlasenko Date: Thu, 12 Jun 2008 16:56:52 +0000 Subject: make pw_encrypt() return malloc'ed string. text data bss dec hex filename 759802 604 6684 767090 bb472 busybox_old 759804 604 6676 767084 bb46c busybox_unstripped --- networking/httpd.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'networking') diff --git a/networking/httpd.c b/networking/httpd.c index 78c6f4d1d..352a97d3c 100644 --- a/networking/httpd.c +++ b/networking/httpd.c @@ -1721,7 +1721,6 @@ static int checkPerm(const char *path, const char *request) } if (ENABLE_FEATURE_HTTPD_AUTH_MD5) { - char *cipher; char *pp; if (strncmp(p, request, u - request) != 0) { @@ -1732,9 +1731,10 @@ static int checkPerm(const char *path, const char *request) if (pp && pp[1] == '$' && pp[2] == '1' && pp[3] == '$' && pp[4] ) { - pp++; - cipher = pw_encrypt(u+1, pp, 1); - if (strcmp(cipher, pp) == 0) + char *encrypted = pw_encrypt(u+1, ++pp, 1); + int r = strcmp(encrypted, pp); + free(encrypted); + if (r == 0) goto set_remoteuser_var; /* Ok */ /* unauthorized */ continue; -- cgit v1.2.3