<html>
<head>
<base href="https://bugs.webkit.org/">
</head>
<body>
<p>
<div>
<b><a class="bz_bug_link
bz_status_NEW "
title="NEW - htdigestparser fails out early when malformed entries are found"
href="https://bugs.webkit.org/show_bug.cgi?id=170055#c8">Comment # 8</a>
on <a class="bz_bug_link
bz_status_NEW "
title="NEW - htdigestparser fails out early when malformed entries are found"
href="https://bugs.webkit.org/show_bug.cgi?id=170055">bug 170055</a>
from <span class="vcard"><a class="email" href="mailto:clopez@igalia.com" title="Carlos Alberto Lopez Perez <clopez@igalia.com>"> <span class="fn">Carlos Alberto Lopez Perez</span></a>
</span></b>
<pre>(In reply to Alexey Proskuryakov from <a href="show_bug.cgi?id=170055#c7">comment #7</a>)
<span class="quote">> One surprisingly common scenario in which it is important to parse configs
> strictly is to protect against a vulnerability where an attacker has partial
> control over their content. E.g. they could put arbitrary content there, but
> only with some prefix.
>
> So I don't think that being forgiving is desirable.</span >
That patch doesn't cause the auth to be more forgiving.
What this does is to only try to authenticate if the entry with the digest hash meets a minimum requirements.
I think is worse from a security point of view to go ahead and try to authenticate against a hash that is clearly not a md5 one (>32 chars or non alphanumeric) when you know it should be a md5, than to filter that entry and ignore it.
In any case this authentication system (AFAIK) is only used for triggering new builds (clean builds) in build.webkit.org. Years ago we had this without even any auth at all.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>