On Tue, 13 Jul 2004, Andrew Bartlett wrote: > While I've been trying to code up the 'Negotiate' (SPNEGO) support for > Squid, I have seen a lot of: > > ntlm_request->authchallenge = xstrndup(reply, NTLM_CHALLENGE_SZ > + 5);
As robert already said, there is no reason xstrdup should not be used here, and I also suspect many of these copies should go away completely when we get rid of the challenge/response cache. > These worry me - not only are these packets not fixed size, Squid has no > way of knowing what they should be! Correct. Squid has no business trying to guess the properties of the exchanged blobs. Regards Henrik
