sbonazzo / rpms / cyrus-sasl

Forked from rpms/cyrus-sasl 2 years ago
Clone
Source Code
GIT

Blame SOURCES/cyrus-sasl-2.1.26-handle-single-character-mechanisms.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9-beta
  1.   6611fc3f5a6edfea9df6ed78cb4d6e4f836c57c7
  2.   SOURCES
  3.   cyrus-sasl-2.1.26-handle-single-character-mechanisms.patch
Blob History Raw
6611fc 
From 7739268e775e6ed91509727b014cc1d367ad386d Mon Sep 17 00:00:00 2001
6611fc 
From: Alexey Melnikov <alexey.melnikov@isode.com>
6611fc 
Date: Sun, 30 Mar 2014 15:13:34 +0100
6611fc 
Subject: When processing a list of mechanism names, we shouldn't allow a short
6611fc 
 prefix match the whole mechanism name
6611fc
6611fc 
"A", "AN", etc where matching "ANONYMOUS". This patch fixes that.
6611fc
6611fc 
As reported by plautrba@redhat.com
6611fc
6611fc 
diff --git a/lib/common.c b/lib/common.c
6611fc 
index e0f59eb..672fe2f 100644
6611fc 
--- a/lib/common.c
6611fc 
+++ b/lib/common.c
6611fc 
@@ -2428,6 +2428,11 @@ int _sasl_is_equal_mech(const char *req_mech,
6611fc 
         *plus = 0;
6611fc 
     }
6611fc
6611fc 
+    if (n < strlen(plug_mech)) {
6611fc 
+	/* Don't allow arbitrary prefix match */
6611fc 
+	return 0;
6611fc 
+    }
6611fc 
+
6611fc 
     return (strncasecmp(req_mech, plug_mech, n) == 0);
6611fc 
 }
6611fc
6611fc 
--
6611fc 
cgit v0.10.2
6611fc

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation