git://git.exim.org / exim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Auths: fix possible OOB write in SPA authenticator. Bug 3000
[exim.git] / src / src / auths / auth-spa.c
diff --git a/src/src/auths/auth-spa.c b/src/src/auths/auth-spa.c
index ff683a2dd7b5c29eb65da8604b1866811a44b01e..d7a12aa23da35018099366d47e3d6ab30ae60dcb 100644 (file)
--- a/src/src/auths/auth-spa.c
+++ b/src/src/auths/auth-spa.c
@@ -1215,7 +1215,9 @@ char versionString[] = "libntlm version 0.21";
 
 #define spa_bytes_add(ptr, header, buf, count) \
 { \
-if (buf && (count) != 0) /* we hate -Wint-in-bool-contex */ \
+if (  buf && (count) != 0      /* we hate -Wint-in-bool-contex */ \
+   && ptr->bufIndex + count < sizeof(ptr->buffer)              \
+   ) \
   { \
   SSVAL(&ptr->header.len,0,count); \
   SSVAL(&ptr->header.maxlen,0,count); \
Master Exim source repository