From 46aa1c4ce13f637161dd2a9c135f108555a6dbe9 Mon Sep 17 00:00:00 2001
From: Timo Sirainen
Date: Sat, 21 Apr 2018 16:03:42 +0300
Subject: [PATCH] login-common: Consistently truncate client SASL input at first NUL

The input is supposed to be base64-encoded, so there's no need to support actual NUL characters. The previous code truncated at NULs, but could have kept appending more data to the value. This could have produced somewhat random results.
---
 src/login-common/client-common-auth.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/login-common/client-common-auth.c b/src/login-common/client-common-auth.c
index 76cd407a26..20ea702564 100644
--- a/src/login-common/client-common-auth.c
+++ b/src/login-common/client-common-auth.c
@@ -617,7 +617,7 @@ int client_auth_read_line(struct client *client)
 client_destroy(client, "Authentication response too large");
 return -1;
 }
- str_append_n(client->auth_response, data, i);
+ str_append_data(client->auth_response, data, i);
 i_stream_skip(client->input, i == size ? size : i+1);
 /* drop trailing \r */
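Review bot: The replacement `str_append_data(client->auth_response, data, i)` copies all `i` bytes, so an embedded NUL and everything after it now stay in `client->auth_response`; the truncation the commit message describes appears to happen only when a later consumer reads the buffer as a C string, and nothing in this hunk says so. I would add a comment above the call, e.g. `/* NULs are kept in the buffer on purpose; the value is later read as a C string, which ends it at the first NUL */`. Since the input is meant to be base64, refusing it outright when `memchr(data, '\0', i) != NULL` would be a stricter alternative that keeps the buffer length and the string length from disagreeing for credential data. The enclosing `client_auth_read_line()` starts and ends outside the hunk, so the size check's condition and the `\r` handling cannot be confirmed from here.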