curl-library
Re: [PATCH 1/2] ntlm_wb: Fix hard-coded limit on NTLM auth packet size
Date: Fri, 11 Jul 2014 23:50:28 +0200
Am 2014-07-11 23:39, schrieb Steve Holme:
> On Fri, 11 Jul 2014, Michael Osipov wrote:
>
>>> However, I would be interested to hear other user's views on a
>>> hardcoded buffer size versus having to read the input and reallocate
>>> the buffer if it isn't long enough first.
>>
>> If a static size is enough for most cases, this is fine but I do not think
>> that it makes sense to use something like char *buf = char[SIZE] and
>> then realizing at runtime that this is not enough and then resort to
>> malloc along with a memset. I like David's approach: char *buf =
>> malloc(SIZE) and then realloc if needed. Yes -- a malloc requires a
>> free but that should not be a problem.
>>
>> WDYT?
>
> I have mixed feelings myself:
>
> * As we use NTLM_BUFSIZE for the native type 1 and type generation I would be tempted to use it for the Winbind implementation as well
Yes, why not. Unification means less maintenance.
> * If the buffer could be a larger amount - for example above 2k or even 4k then I would take David's approach
> * If I was to use David's approach I would probably recommend a larger "grow by" amount of either 512 bytes or even 1k (NTLM_BUFSIZE) to reduce the number of reallocs
Yes, why not increase. Do you have a rough estimate about the average
bytes needed? I would align to power of 2 and use malloc.
Michael
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-07-11