From: Denis Vlasenko Date: Sat, 30 Jun 2007 15:06:45 +0000 (-0000) Subject: wget: fix buffer overflow in HTTP auth X-Git-Tag: 1_6_1~1 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=32a66a8e93626df3e1fa9dcee0a6046033c4c692;p=oweals%2Fbusybox.git wget: fix buffer overflow in HTTP auth --- diff --git a/networking/wget.c b/networking/wget.c index 2c060d77d..c06a09d72 100644 --- a/networking/wget.c +++ b/networking/wget.c @@ -267,11 +267,11 @@ int wget_main(int argc, char **argv) #if ENABLE_FEATURE_WGET_AUTHENTICATION if (target.user) { fprintf(sfp, "Authorization: Basic %s\r\n", - base64enc((unsigned char*)target.user, buf, sizeof(buf))); + base64enc((unsigned char*)target.user, buf, strlen(target.user))); } if (use_proxy && server.user) { fprintf(sfp, "Proxy-Authorization: Basic %s\r\n", - base64enc((unsigned char*)server.user, buf, sizeof(buf))); + base64enc((unsigned char*)server.user, buf, strlen(server.user))); } #endif diff --git a/shell/Config.in b/shell/Config.in index 90479013e..0689b4ec2 100644 --- a/shell/Config.in +++ b/shell/Config.in @@ -179,6 +179,7 @@ config HUSH config HUSH_HELP bool "help builtin" default n + depends on HUSH help Enable help builtin in hush. Code size + ~1 kbyte. @@ -206,18 +207,21 @@ config HUSH_JOB config HUSH_TICK bool "Process substitution" default n + depends on HUSH help Enable process substitution `command` and $(command) in hush. config HUSH_IF bool "Support if/then/elif/else/fi" default n + depends on HUSH help Enable if/then/elif/else/fi in hush. config HUSH_LOOPS bool "Support for, while and until loops" default n + depends on HUSH help Enable for, while and until loops in hush.