projects / citadel.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 322cfa7)
AUTH PLAIN: password length has to be its own variable, else it may contain invalid...
authorWilfried Goesgens <dothebart@citadel.org>
Mon, 3 Feb 2014 14:55:06 +0000 (15:55 +0100)
committerWilfried Goesgens <dothebart@citadel.org>
Mon, 3 Feb 2014 14:55:06 +0000 (15:55 +0100)
citadel/modules/imap/serv_imap.c patch | blob | history
citadel/modules/smtp/serv_smtp.c patch | blob | history

diff --git a/citadel/modules/imap/serv_imap.c b/citadel/modules/imap/serv_imap.c
index 85751e69b08e47cea8381c69b845caaf5ebeaad4..e1560a34dcaaaae1ac6c7a71c19c22b3dbd172eb 100644 (file)
--- a/citadel/modules/imap/serv_imap.c
+++ b/citadel/modules/imap/serv_imap.c
@@ -710,6 +710,7 @@ void imap_auth_plain(void)
        int result;
        long decoded_len;
        long len = 0;
+       long plen = 0;
 
        memset(pass, 0, sizeof(pass));
        decoded_len = StrBufDecodeBase64(Imap->Cmd.CmdBuf);
@@ -733,10 +734,10 @@ void imap_auth_plain(void)
 
                if (decoded_len > 0)
                {
-                       len = safestrncpy(pass, decoded_authstring, sizeof pass);
+                       plen = safestrncpy(pass, decoded_authstring, sizeof pass);
 
-                       if (len < 0)
-                               len = sizeof(pass) - 1;
+                       if (plen < 0)
+                               plen = sizeof(pass) - 1;
                }
        }
        Imap->authstate = imap_as_normal;
@@ -749,7 +750,7 @@ void imap_auth_plain(void)
        }
 
        if (result == login_ok) {
-               if (CtdlTryPassword(pass, len) == pass_ok) {
+               if (CtdlTryPassword(pass, plen) == pass_ok) {
                        IAPrintf("%s OK authentication succeeded\r\n", Imap->authseq);
                        return;
                }
diff --git a/citadel/modules/smtp/serv_smtp.c b/citadel/modules/smtp/serv_smtp.c
index fa40a7dbd92ba0639ffac05d4deaf42dbd5b2e07..892d8e7a7885d4aef9e851923284b9e0a9057333 100644 (file)
--- a/citadel/modules/smtp/serv_smtp.c
+++ b/citadel/modules/smtp/serv_smtp.c
@@ -447,6 +447,7 @@ void smtp_try_plain(long offset, long Flags)
 
        long decoded_len;
        long len = 0;
+       long plen = 0;
 
        memset(pass, 0, sizeof(pass));
        decoded_len = StrBufDecodeBase64(sSMTP->Cmd);
@@ -470,10 +471,10 @@ void smtp_try_plain(long offset, long Flags)
 
                if (decoded_len > 0)
                {
-                       len = safestrncpy(pass, decoded_authstring, sizeof pass);
+                       plen = safestrncpy(pass, decoded_authstring, sizeof pass);
 
-                       if (len < 0)
-                               len = sizeof(pass) - 1;
+                       if (plen < 0)
+                               plen = sizeof(pass) - 1;
                }
        }
 
@@ -487,7 +488,7 @@ void smtp_try_plain(long offset, long Flags)
        }
 
        if (result == login_ok) {
-               if (CtdlTryPassword(pass, len) == pass_ok) {
+               if (CtdlTryPassword(pass, plen) == pass_ok) {
                        smtp_webcit_preferences_hack();
                        smtp_auth_greeting(offset, Flags);
                        return;
Citadel server, clients, utilities