This is the mail archive of the ecos-bugs@sourceware.org mailing list for the eCos project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug 1000377] New: ATHTTPD always parses Authorization header incorrectly


https://bugzilla.ecoscentric.com/show_bug.cgi?id=1000377

           Summary: ATHTTPD always parses Authorization header incorrectly
           Product: eCos
           Version: 2.0
          Platform: Other
        OS/Version: All
            Status: UNCONFIRMED
          Severity: critical
          Priority: high
         Component: Other
        AssignedTo: jifl@ecoscentric.com
        ReportedBy: bugzilla_rmvthis@ds3switch.com
         QAContact: ecos-bugs@sources.redhat.com


All ATHTTPD Authorization headers are parsed improperly causing remainder of header and POST information to be discarded or read as invalid.

http.c:cyg_httpd_process_header():977ish
is leaving src ptr p on a '\r' rather than after the '\n' as the rest of the code.

Suggested fix is to remove else as in:
//            else
            while (*p++ != '\n');
        }   
#endif // CYGOPT_NET_ATHTTPD_USE_AUTH

-- 
Configure bugmail: https://bugzilla.ecoscentric.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]