diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-04-07 00:16:21 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-04-08 00:18:56 +0200 |
| commit | 377a7b28fb9d18b35791a4b1210deb402bce23db (patch) | |
| tree | fb66348b2e40f3929ed055325721a85548364c7e | |
| parent | 4118c57609d180acbcc771517b55aea9059fb90c (diff) | |
| download | gnutls-377a7b28fb9d18b35791a4b1210deb402bce23db.tar.gz | |
check salt size.
| -rw-r--r-- | src/crypt.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/crypt.c b/src/crypt.c index 187842450a..fd9f0f8520 100644 --- a/src/crypt.c +++ b/src/crypt.c @@ -161,6 +161,12 @@ _verify_passwd_int (const char *username, const char *passwd, if (salt == NULL || verifier == NULL) return -1; + if (strlen(salt) >= sizeof(_salt)) + { + fprintf (stderr, "Too long salt.\n"); + return -1; + } + /* copy salt, and null terminate after the ':' */ strcpy (_salt, salt); pos = strchr (_salt, ':'); |