From 4ad9506140c5d0f2d26bfefa4c58da499081ca04 Mon Sep 17 00:00:00 2001
From: Dimitri Papadopoulos
 <3234522+DimitriPapadopoulos@users.noreply.github.com>
Date: Mon, 22 Jul 2024 15:08:47 +0200
Subject: [PATCH 1/2] Proper size and initialisation for array `data`

---
 src/http.c                        | 20 ++++++++++++++++++--
 tests/ci/checkpatch/checkpatch.pl |  0
 2 files changed, 18 insertions(+), 2 deletions(-)
 mode change 100644 => 100755 tests/ci/checkpatch/checkpatch.pl

diff --git a/src/http.c b/src/http.c
index 4a202ae3..82d33d6e 100644
--- a/src/http.c
+++ b/src/http.c
@@ -639,7 +639,24 @@ int auth_log_in(struct tunnel *tunnel)
 	char portal[64] = { '\0' };
 	char magic[32] = {'\0' };
 	char peer[32]  = { '\0' };
-	char data[9 + 3 * USERNAME_SIZE + 12 + 3 * PASSWORD_SIZE + 7 + 3 * REALM_SIZE + 7 + 1];
+#define OFV_MAX(a, b) ((a) > (b) ? a : b)
+	char data[OFV_MAX(
+	                  // username=%s&realm=%s&ajax=1&...&just_logged_in=1
+	                  sizeof("username=") +
+	                  3 * USERNAME_SIZE +
+	                  sizeof("realm=") +
+	                  3 * REALM_SIZE +
+	                  sizeof("ajax=1&redir=%%2Fremote%%2Findex&just_logged_in=1"),
+	                  // "username=%s&credential=%s&realm=%s&ajax=1
+	                  sizeof("username=") +
+	                  3 * USERNAME_SIZE +
+	                  sizeof("realm=") +
+	                  3 * REALM_SIZE +
+	                  sizeof("credential=") +
+	                  3 * PASSWORD_SIZE +
+	                  sizeof("ajax=1")
+	          )] = { '\0' };
+#undef OFV_MAX
 	char token[128], tokenresponse[256], tokenparams[320];
 	char action_url[1024] = { '\0' };
 	char *res = NULL;
@@ -651,7 +668,6 @@ int auth_log_in(struct tunnel *tunnel)
 	tunnel->cookie[0] = '\0';
 
 	if (username[0] == '\0' && tunnel->config->password[0] == '\0') {
-		snprintf(data, sizeof(data), "");
 		ret = http_request(tunnel, "GET", "/remote/login",
 		                   data, &res, &response_size);
 	} else {
diff --git a/tests/ci/checkpatch/checkpatch.pl b/tests/ci/checkpatch/checkpatch.pl
old mode 100644
new mode 100755

From 943e296e6e314137e08124916bafd59d9ce2146d Mon Sep 17 00:00:00 2001
From: Dimitri Papadopoulos
 <3234522+DimitriPapadopoulos@users.noreply.github.com>
Date: Mon, 22 Jul 2024 19:55:38 +0200
Subject: [PATCH 2/2] Work around a new checkpatch.pl warning

src/io.c:50: WARNING: Argument 'x' is not used in function-like macro
---
 tests/lint/checkpatch.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/lint/checkpatch.sh b/tests/lint/checkpatch.sh
index 088af2f0..949787e3 100755
--- a/tests/lint/checkpatch.sh
+++ b/tests/lint/checkpatch.sh
@@ -11,7 +11,7 @@ for file in "$@"; do
   tmp=$(mktemp)
 
   "$checkpatch_path" --no-tree --terse \
-    --ignore LEADING_SPACE,SPDX_LICENSE_TAG,CODE_INDENT,NAKED_SSCANF,VOLATILE,NEW_TYPEDEFS,LONG_LINE,LONG_LINE_STRING,QUOTED_WHITESPACE_BEFORE_NEWLINE,STRCPY,STRLCPY,STRNCPY \
+    --ignore MACRO_ARG_UNUSED,LEADING_SPACE,SPDX_LICENSE_TAG,CODE_INDENT,NAKED_SSCANF,VOLATILE,NEW_TYPEDEFS,LONG_LINE,LONG_LINE_STRING,QUOTED_WHITESPACE_BEFORE_NEWLINE,STRCPY,STRLCPY,STRNCPY \
     -f "$file" | tee "$tmp"
   
   if [ -s "$tmp" ]; then