krb5: use private buffer for temp string, not receive buffer

author Daniel Stenberg <daniel@haxx.se>

Tue, 25 Apr 2017 12:37:45 +0000 (14:37 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Mon, 1 May 2017 20:55:29 +0000 (22:55 +0200)
author Daniel Stenberg <daniel@haxx.se>
Tue, 25 Apr 2017 12:37:45 +0000 (14:37 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Mon, 1 May 2017 20:55:29 +0000 (22:55 +0200)
diff --git a/lib/krb5.c b/lib/krb5.c

index 067b0a5778249ad4dfe2a3607d1be1c5eec52cf3..69a35979a89fd6d1470d894fff7a5e05706c4fcb 100644 (file)
--- a/lib/krb5.c
+++ b/lib/krb5.c
@@ -164,6 +164,7 @@ krb5_auth(void *app_data, struct connectdata *conn)
    size_t base64_sz = 0;
    struct sockaddr_in **remote_addr =
      (struct sockaddr_in **)&conn->ip_addr->ai_addr;
+  char *stringp;
  
    if(getsockname(conn->sock[FIRSTSOCKET],
                   (struct sockaddr *)&conn->local_addr, &l) < 0)
@@ -193,16 +194,19 @@ krb5_auth(void *app_data, struct connectdata *conn)
          return -1;
      }
  
-    input_buffer.value = data->state.buffer;
-    input_buffer.length = snprintf(input_buffer.value, BUFSIZE, "%s@%s",
-                                   service, host);
+    stringp = aprintf("%s@%s", service, host);
+    if(!stringp)
+      return -2;
+
+    input_buffer.value = stringp;
+    input_buffer.length = strlen(stringp);
      maj = gss_import_name(&min, &input_buffer, GSS_C_NT_HOSTBASED_SERVICE,
                            &gssname);
+    free(stringp);
      if(maj != GSS_S_COMPLETE) {
        gss_release_name(&min, &gssname);
        if(service == srv_host) {
-        Curl_failf(data, "Error importing service name %s",
-                   input_buffer.value);
+        Curl_failf(data, "Error importing service name %s@%s", service, host);
          return AUTH_ERROR;
        }
        service = srv_host;
author	Daniel Stenberg <daniel@haxx.se>
	Tue, 25 Apr 2017 12:37:45 +0000 (14:37 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Mon, 1 May 2017 20:55:29 +0000 (22:55 +0200)