# HG changeset patch
# User Sebastien Jodogne <s.jodogne@gmail.com>
# Date 1415108353 -3600
# Node ID 787059de6b9ad9ff4222e1fb10722fb4ea9f7b6a
# Parent  79f868a7f972d6cdf22c3d13b294418fafb02cea
fix

diff -r 79f868a7f972 -r 787059de6b9a Core/HttpServer/MongooseServer.cpp
--- a/Core/HttpServer/MongooseServer.cpp	Tue Nov 04 13:58:26 2014 +0100
+++ b/Core/HttpServer/MongooseServer.cpp	Tue Nov 04 14:39:13 2014 +0100
@@ -418,7 +418,8 @@
     if (auth != headers.end())
     {
       std::string s = auth->second;
-      if (s.substr(0, 6) == "Basic ")
+      if (s.size() > 6 &&
+          s.substr(0, 6) == "Basic ")
       {
         std::string b64 = s.substr(6);
         granted = that.IsValidBasicHttpAuthentication(b64);
@@ -439,7 +440,8 @@
     }
 
     std::string s = auth->second;
-    if (s.substr(0, 6) != "Basic ")
+    if (s.size() <= 6 ||
+        s.substr(0, 6) != "Basic ")
     {
       return "";
     }