Re: svn commit: r1570434 - /subversion/trunk/subversion/svnserve/cyrus_auth.c

From: Stefan Sperling <stsp_at_elego.de>
Date: Fri, 21 Feb 2014 10:43:16 +0100

On Fri, Feb 21, 2014 at 03:06:39AM -0000, breser_at_apache.org wrote:
> Author: breser
> Date: Fri Feb 21 03:06:39 2014
> New Revision: 1570434
>
> URL: http://svn.apache.org/r1570434
> Log:
> Fix potential integer overflow in Cyrus SASL support for svnserve.
>
> * subversion/svnserve/cyrus_auth.c
> (try_auth): error if we'll overflow the clientinlen argument to sasl
> functions, typecast to silence the compiler warning.
>
> Modified:
> subversion/trunk/subversion/svnserve/cyrus_auth.c

> - result = sasl_server_step(sasl_ctx, in->data, in->len, &out, &outlen);
> +
> + if (in->len > UINT_MAX)
> + return svn_error_createf(SVN_ERR_RA_NOT_AUTHORIZED, NULL,
> + _("Step response is too long"));
> +
> + result = sasl_server_step(sasl_ctx, in->data, (unsigned) in->len,
> + &out, &outlen);

Nice fix. Can we please write 'unsigned int'? I know there is a
default size, which is probably int, but I already have to remember
so many other idiosyncrasies about C...
Received on 2014-02-21 10:43:55 CET

This message: [ Message body ]
Next message: Thomas Åkesson: "Re: Bug in ra_serf with client certificates"
Previous message: Philip Martin: "svnserve doesn't handle aborted authn"
Next in thread: Ben Reser: "Re: svn commit: r1570434 - /subversion/trunk/subversion/svnserve/cyrus_auth.c"
Reply: Ben Reser: "Re: svn commit: r1570434 - /subversion/trunk/subversion/svnserve/cyrus_auth.c"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]