From 943aea62679fb9f2d6d7abe59b5edcba21490c52 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 13 Oct 2005 07:57:51 +0000 Subject: Make sure that the user and domain strings fit in the target buffer before we copy them there. --- lib/http_ntlm.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'lib/http_ntlm.c') diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c index 3e993cbf5..a64f61170 100644 --- a/lib/http_ntlm.c +++ b/lib/http_ntlm.c @@ -713,6 +713,13 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, size=64; ntlmbuf[62]=ntlmbuf[63]=0; + /* Make sure that the user and domain strings fit in the target buffer + before we copy them there. */ + if(size + userlen + domlen >= sizeof(ntlmbuf)) { + failf(conn->data, "user + domain name too big"); + return CURLE_OUT_OF_MEMORY; + } + memcpy(&ntlmbuf[size], domain, domlen); size += domlen; -- cgit v1.2.3