Closed
Bug 42782
Opened 24 years ago
Closed 24 years ago
basic auth sends password with a trailing null
Categories
(Core :: Networking, defect, P3)
Tracking
VERIFIED
FIXED
People
(Reporter: anthony, Assigned: shaver)
Basic auth sends the base64 encoded username:password with a trailing null. Naughty.

For username 'anthony', password 'anthony', older mozillas and netscape send:

  YW50aG9ueTphbnRob255
  anthony:anthony

But mozilla sends

  YW50aG9ueTphbnRob255AA==
  anthony:anthony\0

This has probably been able to escape detection because most servers are written in C :)

This is in 2000061510, and a number of others from the last two weeks.
Reporter
Comment 1•24 years ago
I think the problem's in nsBasicAuth, why is it +2, not +1?
Comment 2•24 years ago
Shaver changed the call PL_Base64Encode from

  PL_Base64Encode(tempBuff, 0, nsnull);

to

  PL_Base64Encode(tempBuff, length, nsnull);

thus not letting PL_Base64Encode figure out the string length with PL_strlen. As 'length' is the length allocated for the 'user:password' string, this includes the trailing null.

Either above call should revert to

  PL_Base64Encode(tempBuff, 0, nsnull);

again, or it should be called as

  PL_Base64Encode(tempBuff, length - 1, nsnull); // Length minus trailing null

Or there should be a check for the trailing null, adjusting the length appropriately.

CC-ing shaver for feedback on change.
Status: UNCONFIRMED → NEW
Ever confirmed: true
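The off-by-one described in comments 1 and 2, as an added example (not part of the bug report and not Mozilla's code). `b64_encode` is a hypothetical stand-in for `PL_Base64Encode` called with an explicit length, and `basic_credential` with its `include_nul` switch is an illustrative helper; it reproduces both strings from the description.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Hypothetical stand-in for PL_Base64Encode with an explicit length:
 * encodes exactly n bytes; out must hold 4 * ((n + 2) / 3) + 1 bytes. */
static void b64_encode(const unsigned char *src, size_t n, char *out)
{
    size_t i, o = 0;
    for (i = 0; i < n; i += 3) {
        unsigned long v = (unsigned long)src[i] << 16;
        if (i + 1 < n) v |= (unsigned long)src[i + 1] << 8;
        if (i + 2 < n) v |= src[i + 2];
        out[o++] = B64[(v >> 18) & 63];
        out[o++] = B64[(v >> 12) & 63];
        out[o++] = (i + 1 < n) ? B64[(v >> 6) & 63] : '=';
        out[o++] = (i + 2 < n) ? B64[v & 63] : '=';
    }
    out[o] = '\0';
}

/* include_nul = 1 passes the allocation size as the data length (the bug);
 * include_nul = 0 passes length - 1, as suggested in comment 2. */
static int basic_credential(const char *user, const char *pass,
                            int include_nul, char *out, size_t outsz)
{
    size_t length = strlen(user) + 1 + strlen(pass) + 1; /* ':' and NUL */
    size_t datalen = include_nul ? length : length - 1;
    char *tmp;
    if (outsz < 4 * ((datalen + 2) / 3) + 1) return -1;
    tmp = malloc(length);
    if (!tmp) return -1;
    snprintf(tmp, length, "%s:%s", user, pass);
    b64_encode((const unsigned char *)tmp, datalen, out);
    free(tmp);
    return 0;
}

int main(void)
{
    char fixed[32], buggy[32];
    if (basic_credential("anthony", "anthony", 0, fixed, sizeof fixed) ||
        basic_credential("anthony", "anthony", 1, buggy, sizeof buggy)) return 1;
    printf("fixed: %s\nbuggy: %s\n", fixed, buggy);
    return 0;
}
```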
Assignee
Comment 3•24 years ago
I'll take this one, and attach a compiles, should-work, haven't yet tested patch for review. Can someone put an URL in this bug that I can use to test it?
Assignee: gagan → shaver
Comment 4•24 years ago
URL with basic auth (lowercase 'basic' =)):

  http://www.zopatista.com/manage

user basic_auth, password basic_auth
Assignee
Comment 5•24 years ago
OK, I'm going to attach a patch to 42008 that should fix this as well. Thanks, MJ!
Status: NEW → ASSIGNED
Comment 7•24 years ago
Set dependency to remind ppl of the fact that the patch for this bug is attached to bug #42008.
Depends on: 42008
Reporter
Comment 8•24 years ago
This is now fixed (the patch applied for 42008 also fixes this). Can/Should I mark it as fixed, or is that for the QA types to do?
Assignee
Comment 9•24 years ago
Long dead, thanks to blizzard.
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED