check salt size.

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2011-04-07 00:16:21 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2011-04-07 00:16:29 +0200
commit: 317ee3971bbcf96a320b05ed4611672350ad78c6 (patch)
tree: 99e87c2c9e945b931aedad203fb84b56f74d255d
parent: f3e5d6a8117b839f8df073f0dd5aa7f49f1450db (diff)
download: gnutls-317ee3971bbcf96a320b05ed4611672350ad78c6.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/src/srptool.c b/src/srptool.c
index 37e28043f5..614cbecc9a 100644
--- a/src/srptool.c
+++ b/src/srptool.c
@@ -161,6 +161,12 @@ _verify_passwd_int (const char *username, const char *passwd,
   if (salt == NULL || verifier == NULL)
     return -1;
 
+  if (strlen(salt) >= sizeof(_salt))
+    {
+      fprintf (stderr, "Too long salt.\n");
+      return -1;
+    }
+
   /* copy salt, and null terminate after the ':' */
   strcpy (_salt, salt);
   pos = strchr (_salt, ':');
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2011-04-07 00:16:21 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2011-04-07 00:16:29 +0200
commit	317ee3971bbcf96a320b05ed4611672350ad78c6 (patch)
tree	99e87c2c9e945b931aedad203fb84b56f74d255d
parent	f3e5d6a8117b839f8df073f0dd5aa7f49f1450db (diff)
download	gnutls-317ee3971bbcf96a320b05ed4611672350ad78c6.tar.gz