gsasl-commit

CVS gsasl/lib/anonymous


From: gsasl-commit
Subject: CVS gsasl/lib/anonymous
Date: Sun, 02 Jan 2005 00:35:48 +0100

Update of /home/cvs/gsasl/lib/anonymous
In directory dopio:/tmp/cvs-serv25846

Modified Files:
        server.c 
Log Message:
Validate upper token length as well.


--- /home/cvs/gsasl/lib/anonymous/server.c      2005/01/01 23:29:46     1.10
+++ /home/cvs/gsasl/lib/anonymous/server.c      2005/01/01 23:35:47     1.11
@@ -36,9 +36,12 @@
   *output = NULL;
   *output_len = 0;
 
-  /* token       = 1*255TCHAR */
-  if (input_len == 0)
-    return GSASL_NEEDS_MORE;
+  /* token       = 1*255TCHAR
+     The <token> production is restricted to 255 UTF-8 encoded Unicode
+     characters.   As the encoding of a characters uses a sequence of 1
+     to 4 octets, a token may be long as 1020 octets. */
+  if (input && (input_len == 0 || input_len > 1020))
+    return GSASL_MECHANISM_PARSE_ERROR;
 
   /* FIXME: Validate that input is UTF-8. */
 
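Review bot: The `input &&` guard in the new condition means a NULL `input` now skips both length checks and falls through, whereas the removed code returned GSASL_NEEDS_MORE whenever `input_len == 0`; if the no-initial-response case is meant to be handled further down, say so in the comment, otherwise keep an explicit NEEDS_MORE return for it. The log message mentions only the upper bound, but the empty-token result also changes from GSASL_NEEDS_MORE to GSASL_MECHANISM_PARSE_ERROR, which deserves a mention. The 1020-octet limit is only a necessary condition for `1*255TCHAR`: a 1020-octet token of single-octet characters passes this check while carrying 1020 characters, so the 255-character limit is not enforced until the UTF-8 FIXME below is resolved and characters are counted. Consider a named constant in place of the literal 1020, and fix the comment wording ("a characters", "may be long as").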




