Check for an illegal length of passphrase in read_passphrase().

This commit is contained in:
Ivo Timmermans 2000-04-17 16:52:58 +00:00
parent baebae2749
commit c924689690

View file

@ -107,7 +107,12 @@ int read_passphrase(char *which, char **out)
}
fscanf(f, "%d ", &size);
size >>= 2; /* nibbles->bits */
if(size < 1 || size > (1<<15))
{
syslog(LOG_ERR, "Illegal passphrase in %s; size would be %d", filename, size);
return -1;
}
size >>= 2; /* bits->nibbles */
pp = xmalloc(size+2);
fgets(pp, size+1, f);
fclose(f);