crtxcr/cgitsb
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

auth-filter: do not write more than we've read

Browse Source 
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld
2018-07-14 05:09:27 +02:00
parent c3b5b5f648
commit 93a2c33051
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cgit.c
View File

@@ -659,13 +659,13 @@ static inline void open_auth_filter(const char *function)
static inline void authenticate_post(void) static inline void authenticate_post(void)
{ {
char buffer[MAX_AUTHENTICATION_POST_BYTES]; char buffer[MAX_AUTHENTICATION_POST_BYTES];
unsigned int len; ssize_t len;
open_auth_filter("authenticate-post"); open_auth_filter("authenticate-post");
len = ctx.env.content_length; len = ctx.env.content_length;
if (len > MAX_AUTHENTICATION_POST_BYTES) if (len > MAX_AUTHENTICATION_POST_BYTES)
len = MAX_AUTHENTICATION_POST_BYTES; len = MAX_AUTHENTICATION_POST_BYTES;
if (read(STDIN_FILENO, buffer, len) < 0) if ((len = read(STDIN_FILENO, buffer, len)) < 0)
die_errno("Could not read POST from stdin"); die_errno("Could not read POST from stdin");
if (write(STDOUT_FILENO, buffer, len) < 0) if (write(STDOUT_FILENO, buffer, len) < 0)
die_errno("Could not write POST to stdout"); die_errno("Could not write POST to stdout");