Re: Commit crasher fix to libsoup?

Nate Nielsen wrote:
>> No... RFC 2617 says that any auth response containing a challenge must
>> contain a realm token, so the server response here is invalid, and
>> soup_auth_new_from_header_list() should be returning NULL rather than
>> returning a SoupAuth with a NULL realm. 
> RFC doesn't say that the app should crash. If a application using
> libsoup segfaults on invalid input, then that would seem to me to be
> security bug that needs to be fixed.

Right, as I said, I think the fix should be to return NULL from
soup_auth_new_from_header_list() in this case. That would fix the crash,
because then every SoupAuth would always have a realm, so the strcmp in
soup-session would always be safe.

>> What server is this that's
>> sending that response back?
> This is a proprietary app server. But that's not the point.

Well, it is, because if you wrote the server, then I can make soup
ignore its malformed WWW-Authenticate response, and tell you to fix your
server, and not feel guilty. Whereas if you don't control the server,
then I either need to make libsoup cope with its bad response, or feel
guilty about not doing it. :)

-- Dan

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]