summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2018-07-14 03:09:27 +0000
committerJason A. Donenfeld <Jason@zx2c4.com>2018-07-14 03:09:27 +0000
commit93a2c3305190ca87cc1a6c98868c251ef67c3f37 (patch)
tree9d38211667459409b313c223086439b01489e440
parentc3b5b5f648d953307672a4b30e9222787668f708 (diff)
downloadcgit-93a2c3305190ca87cc1a6c98868c251ef67c3f37.tar
cgit-93a2c3305190ca87cc1a6c98868c251ef67c3f37.tar.gz
cgit-93a2c3305190ca87cc1a6c98868c251ef67c3f37.zip
auth-filter: do not write more than we've read
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
-rw-r--r--cgit.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/cgit.c b/cgit.c
index e2d7891..fda0aa4 100644
--- a/cgit.c
+++ b/cgit.c
@@ -659,13 +659,13 @@ static inline void open_auth_filter(const char *function)
static inline void authenticate_post(void)
{
char buffer[MAX_AUTHENTICATION_POST_BYTES];
- unsigned int len;
+ ssize_t len;
open_auth_filter("authenticate-post");
len = ctx.env.content_length;
if (len > MAX_AUTHENTICATION_POST_BYTES)
len = MAX_AUTHENTICATION_POST_BYTES;
- if (read(STDIN_FILENO, buffer, len) < 0)
+ if ((len = read(STDIN_FILENO, buffer, len)) < 0)
die_errno("Could not read POST from stdin");
if (write(STDOUT_FILENO, buffer, len) < 0)
die_errno("Could not write POST to stdout");