Handle missing base64 challenge in NegotiateAuth and NTLMAuth.

master
Fedor 2020-01-21 14:01:19 +03:00
parent cbdf8d0622
commit 157b45b3bb
2 changed files with 6 additions and 3 deletions

View File

@ -530,8 +530,11 @@ nsHttpNegotiateAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChanne
challenge++;
len = strlen(challenge);
if (!len)
return NS_ERROR_UNEXPECTED;
// strip off any padding (see bug 230351)
while (challenge[len - 1] == '=')
while (len && challenge[len - 1] == '=')
len--;
//

View File

@ -486,8 +486,8 @@ nsHttpNTLMAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChannel,
len -= 5;
// strip off any padding (see bug 230351)
while (challenge[len - 1] == '=')
len--;
while (len && challenge[len - 1] == '=')
len--;
// decode into the input secbuffer
rv = Base64Decode(challenge, len, (char**)&inBuf, &inBufLen);