diff --git a/lib/url.c b/lib/url.c index bebf51df1..ef2732b06 100644 --- a/lib/url.c +++ b/lib/url.c @@ -2351,6 +2351,8 @@ static CURLcode CreateConnection(struct SessionHandle *data, char proxyuser[MAX_CURL_USER_LENGTH]; char proxypasswd[MAX_CURL_PASSWORD_LENGTH]; + char *fineptr; + /* skip the possible protocol piece */ ptr=strstr(proxy, "://"); if(ptr) @@ -2358,9 +2360,12 @@ static CURLcode CreateConnection(struct SessionHandle *data, else ptr = proxy; + fineptr = ptr; + /* check for an @-letter */ ptr = strchr(ptr, '@'); - if(ptr && (2 == sscanf(proxy, "%" MAX_CURL_USER_LENGTH_TXT"[^:]:" + if(ptr && (2 == sscanf(fineptr, + "%" MAX_CURL_USER_LENGTH_TXT"[^:]:" "%" MAX_CURL_PASSWORD_LENGTH_TXT "[^@]", proxyuser, proxypasswd))) { /* found user and password, rip them out */ @@ -2378,7 +2383,7 @@ static CURLcode CreateConnection(struct SessionHandle *data, conn->bits.proxy_user_passwd = TRUE; /* enable it */ - ptr = strdup(ptr+1); + ptr = strdup(ptr+1); /* the right side of the @-letter */ free(proxy); /* free the former data */ proxy = ptr; /* now use this instead */ } diff --git a/tests/data/test63 b/tests/data/test63 index dc5e8ad1e..3806237e9 100644 --- a/tests/data/test63 +++ b/tests/data/test63 @@ -32,7 +32,7 @@ http://we.want.that.site.com/63 GET http://we.want.that.site.com/63 HTTP/1.1 -Proxy-authorization: Basic aHR0cDovL2Zha2U6dXNlcg== +Proxy-authorization: Basic ZmFrZTp1c2Vy Host: we.want.that.site.com Pragma: no-cache Accept: */*