From ab4b175253d21b5475a60a51b4406aaae55d1166 Mon Sep 17 00:00:00 2001
From: Rainer Jung <rjung@apache.org>
Date: Thu, 15 Mar 2018 22:56:40 +0000
Subject: [PATCH] Merge 1781516 fro trunk:

htpasswd/htdbm: report the right limit when get_password()
overflows.

Submitted by: rjung
Reviewed by: rjung, covener, jailletc36


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826888 13f79535-47bb-0310-9956-ffa450edef68
---
 CHANGES                 | 3 +++
 STATUS                  | 9 +--------
 support/passwd_common.c | 2 +-
 3 files changed, 5 insertions(+), 9 deletions(-)

diff --git a/CHANGES b/CHANGES
index 020215dd23..7b5a43b675 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.4.33
 
+  *) htpasswd/htdbm: report the right limit when get_password() overflows.
+     [Yann Ylavic]
+
   *) htpasswd: Don't fail in -v mode if password file is unwritable.
      PR 61631.  [Joe Orton]
 
diff --git a/STATUS b/STATUS
index 67c46203da..9aa27384a5 100644
--- a/STATUS
+++ b/STATUS
@@ -126,13 +126,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
      2.4.x patch: svn merge -c 1826686 ^/httpd/httpd/trunk .
      +1: jailletc36, ylavic, covener
 
-  *) htpasswd/htdbm: report the right limit when get_password() overflows.
-     This brings 2.4.x passwd_common.c in sync with trunk.
-     trunk patch: http://svn.apache.org/r1781516
-     2.4.x patch: svn merge -c 1781516 ^/httpd/httpd/trunk .
-                  plus CHANGES
-     +1: rjung, covener, jailletc36
-
   *) ab: try all destination socket addresses returned by apr_sockaddr_info_get
      instead of failing on first one when not available.
      Needed for instance if localhost resolves to both ::1 and 127.0.0.1
@@ -214,7 +207,7 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
      +1: rjung
      ylavic: likewise, patch not found
 
-  *) mod_slomem_shm: Fix failure to create balancers's slotmems in Windows MPM,
+  *) mod_slotmem_shm: Fix failure to create balancers's slotmems in Windows MPM,
      where children processes need to attach them instead since they are owned
      by the parent process already.
      trunk patch: http://svn.apache.org/r1826845
diff --git a/support/passwd_common.c b/support/passwd_common.c
index 113236c399..664e509b95 100644
--- a/support/passwd_common.c
+++ b/support/passwd_common.c
@@ -168,7 +168,7 @@ int get_password(struct passwd_ctx *ctx)
 err_too_long:
     ctx->errstr = apr_psprintf(ctx->pool,
                                "password too long (>%" APR_SIZE_T_FMT ")",
-                               ctx->out_len - 1);
+                               sizeof(buf) - 1);
     return ERR_OVERFLOW;
 }
 
-- 
2.40.0