diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2003-05-20 09:35:40 +0000 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2003-05-20 09:35:40 +0000 |
commit | 3a62a772c4cde591abc5029001d6bd0bfc7bc6a5 (patch) | |
tree | a604a1484727b7b9020696d8793f45af7da413bd | |
parent | 3881b53c866fea4062d2f2bfae8f3ef6ad45adc8 (diff) | |
download | mailutils-3a62a772c4cde591abc5029001d6bd0bfc7bc6a5.tar.gz mailutils-3a62a772c4cde591abc5029001d6bd0bfc7bc6a5.tar.bz2 |
(auth_gssapi): Do not output surplus text after the '+'.
Don't use strdup as the username is not zero terminated.
Thanks Simon Josefsson for the patch.
-rw-r--r-- | imap4d/auth_gss.c | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/imap4d/auth_gss.c b/imap4d/auth_gss.c index 94020b68c..109dfc269 100644 --- a/imap4d/auth_gss.c +++ b/imap4d/auth_gss.c @@ -132,7 +132,7 @@ auth_gssapi (struct imap4d_command *command, /* Start the dialogue */ - util_send ("+ GO AHEAD\r\n"); + util_send ("+ \r\n"); util_flush_output (); context = GSS_C_NO_CONTEXT; @@ -221,7 +221,18 @@ auth_gssapi (struct imap4d_command *command, protection_mech = mech; client_buffer_size = sec_level & 0x00ffffffff; - *username = strdup ((char *) outbuf.value + 4); + *username = malloc (outbuf.length - 4 + 1); + if (!*username) + { + syslog (LOG_NOTICE, _("not enough memory")); + gss_release_buffer (&min_stat, &outbuf); + maj_stat = gss_delete_sec_context (&min_stat, &context, &outbuf); + gss_release_buffer (&min_stat, &outbuf); + return RESP_NO; + } + + memcpy (*username, (char *) outbuf.value + 4, outbuf.length - 4); + (*username)[outbuf.length - 4] = '\0'; gss_release_buffer (&min_stat, &outbuf); maj_stat = gss_display_name (&min_stat, client, &client_name, &mech_type); |