changeset 1262:7767e5b3e83e HEAD

Invalid PLAIN auth request crashed auth process.
author Timo Sirainen <tss@iki.fi>
date Wed, 26 Feb 2003 23:27:17 +0200
parents 5373999355ed
children 500ec0ec3b85
files src/auth/mech-plain.c
diffstat 1 files changed, 10 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/src/auth/mech-plain.c	Wed Feb 26 13:21:43 2003 +0200
+++ b/src/auth/mech-plain.c	Wed Feb 26 23:27:17 2003 +0200
@@ -42,12 +42,17 @@
 		}
 	}
 
-	/* split and save user/realm */
-	auth_request->user = p_strdup(auth_request->pool, authenid);
-	passdb->verify_plain(auth_request, pass, verify_callback);
+	if (authenid == NULL) {
+		/* invalid input */
+		mech_auth_finish(auth_request, NULL, 0, FALSE);
+	} else {
+		/* split and save user/realm */
+		auth_request->user = p_strdup(auth_request->pool, authenid);
+		passdb->verify_plain(auth_request, pass, verify_callback);
 
-	/* make sure it's cleared */
-	safe_memset(pass, 0, strlen(pass));
+		/* make sure it's cleared */
+		safe_memset(pass, 0, strlen(pass));
+	}
 	return TRUE;
 }