Sophie: imapproxy-1.2.6-5mdv2009.0 src

imapproxy-1.2.6-5mdv2009.0.src.rpm

Info
Deps
Files
Scripts
ChangeLog
Location
Others versions
Analyse


 http://lists.andrew.cmu.edu/pipermail/imapproxy-info/2007-September/000662.html

--- src/request.c	2008-01-28 14:15:08.000000000 +0100
+++ src/request.c.oden	2008-08-30 14:54:26.000000000 +0200
@@ -738,6 +738,12 @@ static int cmd_authenticate_login( ITD_S
 	return( -1 );
     }
 
+    if ( BytesRead > MAXUSERNAMELEN)
+    {
+       syslog( LOG_NOTICE, "%s: username too long from client on socket %d", fn, Client->conn->sd );
+       return( -1 );
+    }
+
     /*
      * Don't accept literals from the client here.
      */
@@ -796,6 +802,12 @@ static int cmd_authenticate_login( ITD_S
 	return( -1 );
     }
     
+    if ( BytesRead > MAXPASSWDLEN)
+    {
+       syslog( LOG_NOTICE, "%s: passwd too long from client on socket %d", fn, Client->conn->sd );
+       return( -1 );
+    }
+
     if ( Client->MoreData ||
 	 BytesRead > BufLen )
     {