aboutsummaryrefslogtreecommitdiff
path: root/src/appl/telnet/libtelnet/kerberos.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/appl/telnet/libtelnet/kerberos.c')
-rw-r--r--src/appl/telnet/libtelnet/kerberos.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/src/appl/telnet/libtelnet/kerberos.c b/src/appl/telnet/libtelnet/kerberos.c
index 734466e..0fda99b 100644
--- a/src/appl/telnet/libtelnet/kerberos.c
+++ b/src/appl/telnet/libtelnet/kerberos.c
@@ -141,6 +141,7 @@ Data(ap, type, d, c)
{
unsigned char *p = str_data + 4;
unsigned char *cd = (unsigned char *)d;
+ size_t spaceleft = sizeof(str_data) - 4;
if (c == -1)
c = strlen((char *)cd);
@@ -156,9 +157,16 @@ Data(ap, type, d, c)
*p++ = ap->type;
*p++ = ap->way;
*p++ = type;
+ spaceleft -= 3;
while (c-- > 0) {
- if ((*p++ = *cd++) == IAC)
- *p++ = IAC;
+ if ((*p++ = *cd++) == IAC) {
+ *p++ = IAC;
+ spaceleft--;
+ }
+ if ((--spaceleft < 4) && c) {
+ errno = ENOMEM;
+ return -1;
+ }
}
*p++ = IAC;
*p++ = SE;
@@ -602,7 +610,9 @@ kerberos4_status(ap, name, level)
return(level);
if (UserNameRequested && !kuserok(&adat, UserNameRequested)) {
- strcpy(name, UserNameRequested);
+ /* the name buffer comes from telnetd/telnetd{-ktd}.c */
+ strncpy(name, UserNameRequested, 255);
+ name[255] = '\0';
return(AUTH_VALID);
} else
return(AUTH_USER);
generated by cgit v1.1 at 2024-09-17 17:10:47 +0000