Check for an illegal length of passphrase in read_passphrase().
This commit is contained in:
parent
baebae2749
commit
c924689690
1 changed files with 6 additions and 1 deletions
|
@ -107,7 +107,12 @@ int read_passphrase(char *which, char **out)
|
|||
}
|
||||
|
||||
fscanf(f, "%d ", &size);
|
||||
size >>= 2; /* nibbles->bits */
|
||||
if(size < 1 || size > (1<<15))
|
||||
{
|
||||
syslog(LOG_ERR, "Illegal passphrase in %s; size would be %d", filename, size);
|
||||
return -1;
|
||||
}
|
||||
size >>= 2; /* bits->nibbles */
|
||||
pp = xmalloc(size+2);
|
||||
fgets(pp, size+1, f);
|
||||
fclose(f);
|
||||
|
|
Loading…
Reference in a new issue