j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity

Prevent possible buffer overflows when using very large (>= 8192 bit) RSA keys.

Browse source 
Thanks to Tonnerre Lombard for noticing!
This commit is contained in:
Guus Sliepen 2005-06-03 10:16:03 +00:00
parent 02746165a2
commit e810545dc2
4 changed files with 14 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/protocol_auth.c
View file

@ -118,7 +118,7 @@ bool id_h(connection_t *c)
bool send_metakey(connection_t *c)
{
char buffer[MAX_STRING_SIZE];
char *buffer;
int len;
bool x;
@ -128,6 +128,8 @@ bool send_metakey(connection_t *c)
/* Allocate buffers for the meta key */
buffer = alloca(2 * len + 1);
if(!c->outkey)
c->outkey = xmalloc(len);
@ -302,7 +304,7 @@ bool metakey_h(connection_t *c)
bool send_challenge(connection_t *c)
{
char buffer[MAX_STRING_SIZE];
char *buffer;
int len;
cp();
@ -313,6 +315,8 @@ bool send_challenge(connection_t *c)
/* Allocate buffers for the challenge */
buffer = alloca(2 * len + 1);
if(!c->hischallenge)
c->hischallenge = xmalloc(len);