Mercurial > dovecot > core-2.2
changeset 2301:00b4385cfc48 HEAD
We could read authid past the buffer if \0password wasn't given in input.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Fri, 09 Jul 2004 13:57:32 +0300 |
parents | e4460aca7970 |
children | 8438064ddf08 |
files | src/auth/mech-plain.c |
diffstat | 1 files changed, 2 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/mech-plain.c Fri Jul 09 03:10:37 2004 +0300 +++ b/src/auth/mech-plain.c Fri Jul 09 13:57:32 2004 +0300 @@ -42,10 +42,10 @@ } } - if (authenid == NULL) { + if (count != 2) { /* invalid input */ if (verbose) { - i_info("plain(%s): no username given", + i_info("plain(%s): invalid input", get_log_prefix(auth_request)); } mech_auth_finish(auth_request, NULL, 0, FALSE);