X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/0756eb3cb50d73a77b486e47528f7cb1bffdb299..3ecab1575ef1f45a5e7cd3c48cd937ffa8eb0ad9:/src/src/auths/auth-spa.c diff --git a/src/src/auths/auth-spa.c b/src/src/auths/auth-spa.c index c6f716551..87e5f4e8f 100644 --- a/src/src/auths/auth-spa.c +++ b/src/src/auths/auth-spa.c @@ -1,5 +1,3 @@ -/* $Cambridge: exim/src/src/auths/auth-spa.c,v 1.1 2004/10/07 13:10:00 ph10 Exp $ */ - /************************************************* * Exim - an Internet mail transport agent * *************************************************/ @@ -85,6 +83,13 @@ int main (int argc, char ** argv) challenge_str = argv [3]; + if (spa_base64_to_bits ((char *)&challenge, sizeof(challenge), + (const char *)(challenge_str))<0) + { + printf("bad base64 data in challenge: %s\n", challenge_str); + exit (1); + } + spa_build_auth_response (&challenge, &response, username, password); spa_bits_to_base64 (msgbuf, (unsigned char*)&response, spa_request_length(&response)); @@ -406,8 +411,11 @@ spa_bits_to_base64 (unsigned char *out, const unsigned char *in, int inlen) *out = '\0'; } + +/* The outlength parameter was added by PH, December 2004 */ + int -spa_base64_to_bits (char *out, const char *in) +spa_base64_to_bits (char *out, int outlength, const char *in) /* base 64 to raw bytes in quasi-big-endian order, returning count of bytes */ { int len = 0; @@ -420,6 +428,8 @@ spa_base64_to_bits (char *out, const char *in) do { + if (len >= outlength) /* Added by PH */ + return (-1); /* Added by PH */ digit1 = in[0]; if (DECODE64 (digit1) == BAD) return (-1); 
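Review bot: In the hunk at -85 (`main`), the new call only tests the result for `< 0`, so the decoded byte count is discarded and a challenge much shorter than `sizeof(challenge)` is still accepted. The tail of `challenge` then holds whatever was there before, and `spa_build_auth_response` receives a partly filled structure; whether it validates the fields it reads is not visible here. I would keep the count, e.g. `int n = spa_base64_to_bits ((char *)&challenge, sizeof(challenge), challenge_str);`, and reject values of `n` smaller than the fixed part of the challenge message. I would also clear the structure before decoding with `memset (&challenge, 0, sizeof(challenge));`. `main` starts and ends outside this hunk, so an earlier initialisation of `challenge` may already exist.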
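Review bot: The comment added above `spa_base64_to_bits` in the hunk at -406 records who added `outlength` and when, but not what the parameter means or how the function can now fail. Something like `/* out must have room for outlength bytes; returns the decoded byte count, or -1 on malformed base64 or if the result would not fit, in which case out may be partly written */` would give callers the contract. `outlength` is an `int` while the caller in `main` passes `sizeof(challenge)`; `size_t` would match without a conversion, although a zero or negative value fails safe because `len` starts at 0 and the first guard returns -1. The header prototype and any other callers are outside this diff and need the same three-argument form.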
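Review bot: The guard `if (len >= outlength) return (-1);` at the top of the loop in the hunk at -420 appears to bound the next `*out++` write correctly, but its `/* Added by PH */` comments say who wrote it rather than why. The same pair appears twice more in the hunk at -437. A comment such as `/* stop before writing past the caller's buffer */` would carry the intent, and the attribution belongs in the commit log. Because overflow and malformed input both return -1, the caller in `main` prints "bad base64 data" for a challenge that is merely too long; a separate message or return code would make that case diagnosable. The loop body continues outside this hunk.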
@@ -437,11 +447,15 @@ spa_base64_to_bits (char *out, const char *in) ++len; if (digit3 != '=') { + if (len >= outlength) /* Added by PH */ + return (-1); /* Added by PH */ *out++ = ((DECODE64 (digit2) << 4) & 0xf0) | (DECODE64 (digit3) >> 2); ++len; if (digit4 != '=') { + if (len >= outlength) /* Added by PH */ + return (-1); /* Added by PH */ *out++ = ((DECODE64 (digit3) << 6) & 0xc0) | DECODE64 (digit4); ++len; }