Commit bc8a3b6b authored by François Grisez's avatar François Grisez

Fix several invalid reads

parent da67b912
Pipeline #1001 passed with stage
in 23 minutes and 19 seconds
......@@ -1067,7 +1067,8 @@ int Authentication::AuthenticationListener::checkPasswordMd5(const char *passwd)
if (passwd) {
mPasswordFound = true;
++*getModule()->mCountPassFound;
strncpy(a1buf, passwd, sizeof(a1buf) - 1); // remove trailing NULL character
strncpy(a1buf, passwd, sizeof(a1buf)-1);
a1buf[sizeof(a1buf)-1] = '\0'; // ensure that the string is null terminated
a1 = a1buf;
} else {
++*getModule()->mCountPassNotFound;
......@@ -1094,7 +1095,8 @@ int Authentication::AuthenticationListener::checkPasswordForAlgorithm(const char
if (passwd) {
mPasswordFound = true;
++*getModule()->mCountPassFound;
strncpy(a1, passwd, sizeof(a1) - 1); // remove trailing NULL character
strncpy(a1, passwd, sizeof(a1)-1);
a1[sizeof(a1)-1] = '\0'; // ensure that the string is null terminated
} else {
++*getModule()->mCountPassNotFound;
auth_digest_a1_for_algorithm(&mAr, "xyzzy", a1);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment