[dovecot-cvs] dovecot/src/auth mech-plain.c,1.18,1.19
cras at dovecot.org
cras at dovecot.org
Fri Jul 9 13:57:34 EEST 2004
- Previous message: [dovecot-cvs] dovecot/src/lib-storage/index index-mail-headers.c,
1.25, 1.26 index-mail.c, 1.41, 1.42 index-mail.h, 1.16,
1.17 index-transaction.c, 1.7, 1.8
- Next message: [dovecot-cvs] dovecot/src/login-common ssl-proxy-openssl.c, 1.23,
1.24
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /home/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv29235
Modified Files:
mech-plain.c
Log Message:
We could read authid past the buffer if \0password wasn't given in input.
Index: mech-plain.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/mech-plain.c,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -d -r1.18 -r1.19
--- mech-plain.c 31 May 2004 18:57:25 -0000 1.18
+++ mech-plain.c 9 Jul 2004 10:57:32 -0000 1.19
@@ -42,10 +42,10 @@
}
}
- if (authenid == NULL) {
+ if (count != 2) {
/* invalid input */
if (verbose) {
- i_info("plain(%s): no username given",
+ i_info("plain(%s): invalid input",
get_log_prefix(auth_request));
}
mech_auth_finish(auth_request, NULL, 0, FALSE);
- Previous message: [dovecot-cvs] dovecot/src/lib-storage/index index-mail-headers.c,
1.25, 1.26 index-mail.c, 1.41, 1.42 index-mail.h, 1.16,
1.17 index-transaction.c, 1.7, 1.8
- Next message: [dovecot-cvs] dovecot/src/login-common ssl-proxy-openssl.c, 1.23,
1.24
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the dovecot-cvs
mailing list