On Sat, 06 Apr 2002, Ronald Wahl wrote:
diff -uNr fetchmail-5.9.11.orig/base64.c fetchmail-5.9.11/base64.c
--- fetchmail-5.9.11.orig/base64.c 2001-10-03 11:37:33.000000000 +0200
+++ fetchmail-5.9.11/base64.c 2002-04-06 12:20:33.000000000 +0200
@@ -78,17 +78,21 @@
return(-1);
in += 4;
++len;
- if (len && len >= maxlen) /* prevent buffer overflow */
+ if (len && len > maxlen) /* prevent buffer overflow */
return(-1);
*out++ = (DECODE64(digit1) << 2) | (DECODE64(digit2) >> 4);
if (digit3 != '=')
{
- *out++ = ((DECODE64(digit2) << 4) & 0xf0) | (DECODE64(digit3) >> 2);
++len;
+ if (len && len > maxlen) /* prevent buffer overflow */
+ return(-1);
+ *out++ = ((DECODE64(digit2) << 4) & 0xf0) | (DECODE64(digit3) >> 2);
if (digit4 != '=')
{
- *out++ = ((DECODE64(digit3) << 6) & 0xc0) | DECODE64(digit4);
++len;
+ if (len && len > maxlen) /* prevent buffer overflow */
+ return(-1);
+ *out++ = ((DECODE64(digit3) << 6) & 0xc0) | DECODE64(digit4);
}
}
} while
Good patch, but not good enough. Replace all len && with maxlen &&. This
base64.c function has been utterly fubared for quite a while, it seems...
#ifdef KERBEROS_V4
+#if 0
if (ctl->server.authenticate == A_KERBEROS_V4)
{
set_timeout(mytimeout);
@@ -901,6 +902,7 @@
if (err != 0)
goto cleanUp;
}
+#endif
#endif /* KERBEROS_V4 */
Err, why you need to disable the alarm timeout for kerberos IV to work in
your machine?
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh