xfnw/plan9fox
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

libauth: add sanity check for auth_proxy write size

Browse source
This commit is contained in:
cinap_lenrek 2013-09-16 03:56:53 +02:00
parent eee51d7720
commit b5aab82488
1 changed files with 3 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
sys/src/libauth/auth_proxy.c
View file

@ -157,9 +157,10 @@ fauth_proxy(int fd, AuthRpc *rpc, AuthGetkey *getkey, char *params)
n = 0; n = 0;
memset(buf, 0, AuthRpcMax); memset(buf, 0, AuthRpcMax);
while((ret = dorpc(rpc, "write", buf, n, getkey)) == ARtoosmall){ while((ret = dorpc(rpc, "write", buf, n, getkey)) == ARtoosmall){
if(atoi(rpc->arg) > AuthRpcMax) m = atoi(rpc->arg);
if(m <= n || m > AuthRpcMax)
break; break;
m = read(fd, buf + n, atoi(rpc->arg) - n); m = read(fd, buf + n, m - n);
if(m <= 0){ if(m <= 0){
if(m == 0) if(m == 0)
werrstr("auth_proxy short read: %s", werrstr("auth_proxy short read: %s",