Mercurial > dovecot > original-hg > dovecot-1.2
changeset 1262:7767e5b3e83e HEAD
Invalid PLAIN auth request crashed auth process.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Wed, 26 Feb 2003 23:27:17 +0200 |
| parents | 5373999355ed |
| children | 500ec0ec3b85 |
| files | src/auth/mech-plain.c |
| diffstat | 1 files changed, 10 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/mech-plain.c Wed Feb 26 13:21:43 2003 +0200 +++ b/src/auth/mech-plain.c Wed Feb 26 23:27:17 2003 +0200 @@ -42,12 +42,17 @@ } } - /* split and save user/realm */ - auth_request->user = p_strdup(auth_request->pool, authenid); - passdb->verify_plain(auth_request, pass, verify_callback); + if (authenid == NULL) { + /* invalid input */ + mech_auth_finish(auth_request, NULL, 0, FALSE); + } else { + /* split and save user/realm */ + auth_request->user = p_strdup(auth_request->pool, authenid); + passdb->verify_plain(auth_request, pass, verify_callback); - /* make sure it's cleared */ - safe_memset(pass, 0, strlen(pass)); + /* make sure it's cleared */ + safe_memset(pass, 0, strlen(pass)); + } return TRUE; }