diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2005-10-13 07:57:51 +0000 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2005-10-13 07:57:51 +0000 |
| commit | 943aea62679fb9f2d6d7abe59b5edcba21490c52 (patch) | |
| tree | 14d06900101bad70df8509368f78bf11f91eacb9 | |
| parent | b433e4a1e78b4a93857779ab3997ad88efa38140 (diff) | |
Make sure that the user and domain strings fit in the target buffer before we
copy them there.
| -rw-r--r-- | lib/http_ntlm.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c index 3e993cbf5..a64f61170 100644 --- a/lib/http_ntlm.c +++ b/lib/http_ntlm.c @@ -713,6 +713,13 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, size=64; ntlmbuf[62]=ntlmbuf[63]=0; + /* Make sure that the user and domain strings fit in the target buffer + before we copy them there. */ + if(size + userlen + domlen >= sizeof(ntlmbuf)) { + failf(conn->data, "user + domain name too big"); + return CURLE_OUT_OF_MEMORY; + } + memcpy(&ntlmbuf[size], domain, domlen); size += domlen; |