[dovecot-cvs] dovecot/src/lib-ntlm ntlm-message.c,1.6,1.7
cras at dovecot.org
cras at dovecot.org
Thu Nov 11 19:45:06 EET 2004
- Previous message: [dovecot-cvs] dovecot/src/auth mech-ntlm.c,1.8,1.9
- Next message: [dovecot-cvs] dovecot/src/lib-index mail-cache-compress.c, 1.25,
1.26 mail-index-sync.c, 1.37,
1.38 mail-index-transaction-private.h, 1.16,
1.17 mail-index-transaction.c, 1.33,
1.34 mail-index-view-private.h, 1.12, 1.13 mail-index.c, 1.163,
1.164 mail-index.h, 1.134, 1.135 mail-transaction-log.c, 1.71, 1.72
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /var/lib/cvs/dovecot/src/lib-ntlm
In directory talvi:/tmp/cvs-serv10286/src/lib-ntlm
Modified Files:
ntlm-message.c
Log Message:
allow LM authentication for older (Win9x) clients
which do not pass NTLM response in type 3 message. fixes
crash in dovecot-auth (empty credentials could be passed to
hex_to_binary function if NTLM2 was negotiated). Patch by Andrey Panin
Index: ntlm-message.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/lib-ntlm/ntlm-message.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- ntlm-message.c 22 Oct 2004 13:34:08 -0000 1.6
+++ ntlm-message.c 11 Nov 2004 17:45:04 -0000 1.7
@@ -180,13 +180,19 @@
size_t data_size, const char **error)
{
uint32_t offset = read_le32(&buffer->offset);
+ uint16_t length = read_le16(&buffer->length);
+ uint16_t space = read_le16(&buffer->space);
+
+ /* Empty buffer is ok */
+ if (length == 0 && space == 0)
+ return 1;
if (offset >= data_size) {
*error = "buffer offset out of bounds";
return 0;
}
- if (offset + read_le16(&buffer->space) > data_size) {
+ if (offset + space > data_size) {
*error = "buffer end out of bounds";
return 0;
}
- Previous message: [dovecot-cvs] dovecot/src/auth mech-ntlm.c,1.8,1.9
- Next message: [dovecot-cvs] dovecot/src/lib-index mail-cache-compress.c, 1.25,
1.26 mail-index-sync.c, 1.37,
1.38 mail-index-transaction-private.h, 1.16,
1.17 mail-index-transaction.c, 1.33,
1.34 mail-index-view-private.h, 1.12, 1.13 mail-index.c, 1.163,
1.164 mail-index.h, 1.134, 1.135 mail-transaction-log.c, 1.71, 1.72
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the dovecot-cvs
mailing list