Alexandre Julliard wrote:
Robert Shearman <rob(a)codeweavers.com> writes:
+ if (strncmpiW(pszAuthValue, szBasic, sizeof(szBasic)/sizeof(szBasic[0])-1)) + {
When using strncmp you need to also check that you reached the end of the first string.
Hmm, it seems strncmpiW already does that for me so I'm a little confused:
int strncmpiW( const WCHAR *str1, const WCHAR *str2, int n ) { int ret = 0; for ( ; n > 0; n--, str1++, str2++) if ((ret = tolowerW(*str1) - tolowerW(*str2)) || !*str1) break; return ret; }
+ /* compare against last character to be set to avoid a race */ + if (HTTP_Base64Dec['/'] != 63) + {
This won't avoid the race, you'll still get garbage if two threads get here at the same time.
Good spot, I'll fix this. -- Rob Shearman