summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org.ua>2010-09-03 16:59:56 +0300
committerSergey Poznyakoff <gray@gnu.org.ua>2010-09-03 16:59:56 +0300
commited83b5a6fec2174efdec37cffa658d7069dc318b (patch)
tree689bb6df0c6b4b4753b6380145adad8d4f67ce29
parentec9510ec415240661bbecff374056162a7380756 (diff)
downloadmailutils-ed83b5a6fec2174efdec37cffa658d7069dc318b.tar.gz
mailutils-ed83b5a6fec2174efdec37cffa658d7069dc318b.tar.bz2
pop3d: bugfixes.
* pop3d/apop.c (pop3d_apopuser, pop3d_apopuser): Remove statically allocated buffers. * pop3d/pop3d.c (pop3d_mainloop): Likewise. * pop3d/user.c (pop3d_begin_session): Likewise.
-rw-r--r--pop3d/apop.c25
-rw-r--r--pop3d/pop3d.c6
-rw-r--r--pop3d/user.c16
3 files changed, 13 insertions, 34 deletions
diff --git a/pop3d/apop.c b/pop3d/apop.c
index 4d0963505..dca748e70 100644
--- a/pop3d/apop.c
+++ b/pop3d/apop.c
@@ -60,7 +60,7 @@ pop3d_apopuser (const char *user)
memset (&key, 0, sizeof key);
memset (&data, 0, sizeof data);
- MU_DATUM_PTR (key) = user;
+ MU_DATUM_PTR (key) = (void*) user;
MU_DATUM_SIZE (key) = strlen (user);
rc = mu_dbm_fetch (db, key, &data);
@@ -134,11 +134,12 @@ pop3d_apopuser (const char *user)
int
pop3d_apop (char *arg)
{
- char *tmp, *password, *user_digest, *user;
- char buf[POP_MAXCMDLEN];
+ char *p, *password, *user_digest, *user;
struct mu_md5_ctx md5context;
unsigned char md5digest[16];
-
+ char buf[2 * 16 + 1];
+ size_t i;
+
if (state != AUTHORIZATION)
return ERR_WRONG_STATE;
@@ -146,11 +147,6 @@ pop3d_apop (char *arg)
return ERR_BAD_ARGS;
pop3d_parse_command (arg, &user, &user_digest);
- if (strlen (user) > (POP_MAXCMDLEN - APOP_DIGEST))
- {
- mu_diag_output (MU_DIAG_INFO, _("user name too long: %s"), user);
- return ERR_BAD_ARGS;
- }
password = pop3d_apopuser (user);
if (password == NULL)
@@ -167,14 +163,9 @@ pop3d_apop (char *arg)
free (password);
mu_md5_finish_ctx (&md5context, md5digest);
- {
- int i;
- tmp = buf;
- for (i = 0; i < 16; i++, tmp += 2)
- sprintf (tmp, "%02x", md5digest[i]);
- }
-
- *tmp++ = '\0';
+ for (i = 0, p = buf; i < 16; i++, p += 2)
+ sprintf (p, "%02x", md5digest[i]);
+ *p = 0;
if (strcmp (user_digest, buf))
{
diff --git a/pop3d/pop3d.c b/pop3d/pop3d.c
index 1a0394419..6b70f55b6 100644
--- a/pop3d/pop3d.c
+++ b/pop3d/pop3d.c
@@ -276,11 +276,7 @@ pop3d_mainloop (int fd, FILE *infile, FILE *outfile)
/* Refresh the Lock. */
pop3d_touchlock ();
- if (strlen (arg) > POP_MAXCMDLEN || strlen (cmd) > POP_MAXCMDLEN)
- status = ERR_TOO_LONG;
- else if (strlen (cmd) > 4)
- status = ERR_BAD_CMD;
- else if ((handler = pop3d_find_command (cmd)) != NULL)
+ if ((handler = pop3d_find_command (cmd)) != NULL)
status = handler (arg);
else
status = ERR_BAD_CMD;
diff --git a/pop3d/user.c b/pop3d/user.c
index 6d0ef3ff1..cbe8c41d4 100644
--- a/pop3d/user.c
+++ b/pop3d/user.c
@@ -89,7 +89,7 @@ pop3d_begin_session ()
int
pop3d_user (char *arg)
{
- char *buf, pass[POP_MAXCMDLEN], *tmp, *cmd;
+ char *buf, *pass, *cmd;
char buffer[512];
if (state != AUTHORIZATION)
@@ -102,16 +102,7 @@ pop3d_user (char *arg)
pop3d_flush_output ();
buf = pop3d_readline (buffer, sizeof (buffer));
- pop3d_parse_command (buf, &cmd, &tmp);
-
- if (strlen (tmp) > POP_MAXCMDLEN)
- return ERR_TOO_LONG;
- else
- {
- strncpy (pass, tmp, POP_MAXCMDLEN);
- /* strncpy () is lame, make sure the string is null terminated. */
- pass[POP_MAXCMDLEN - 1] = '\0';
- }
+ pop3d_parse_command (buf, &cmd, &pass);
if (mu_c_strcasecmp (cmd, "PASS") == 0)
{
@@ -122,7 +113,8 @@ pop3d_user (char *arg)
tmp = pop3d_apopuser (arg);
if (tmp != NULL)
{
- mu_diag_output (MU_DIAG_INFO, _("APOP user %s tried to log in with USER"), arg);
+ mu_diag_output (MU_DIAG_INFO,
+ _("APOP user %s tried to log in with USER"), arg);
return ERR_BAD_LOGIN;
}
#endif

Return to:

Send suggestions and report system problems to the System administrator.