aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2005-10-13 07:57:51 +0000
committerDaniel Stenberg <daniel@haxx.se>2005-10-13 07:57:51 +0000
commit943aea62679fb9f2d6d7abe59b5edcba21490c52 (patch)
tree14d06900101bad70df8509368f78bf11f91eacb9
parentb433e4a1e78b4a93857779ab3997ad88efa38140 (diff)
Make sure that the user and domain strings fit in the target buffer before we
copy them there.
-rw-r--r--lib/http_ntlm.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index 3e993cbf5..a64f61170 100644
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -713,6 +713,13 @@ CURLcode Curl_output_ntlm(struct connectdata *conn,
size=64;
ntlmbuf[62]=ntlmbuf[63]=0;
+ /* Make sure that the user and domain strings fit in the target buffer
+ before we copy them there. */
+ if(size + userlen + domlen >= sizeof(ntlmbuf)) {
+ failf(conn->data, "user + domain name too big");
+ return CURLE_OUT_OF_MEMORY;
+ }
+
memcpy(&ntlmbuf[size], domain, domlen);
size += domlen;