remove coredump bug on bad ID numbers

[moira.git] / reg_svr / reg_svr.c

diff --git a/reg_svr/reg_svr.c b/reg_svr/reg_svr.c
index 7e4015268136504c087f6411ad2100f3373d186c..1af4aa4a54673765145ade80b58defafb0c4832f 100644 (file)
--- a/reg_svr/reg_svr.c
+++ b/reg_svr/reg_svr.c
@@ -187,6 +187,15 @@ int parse_encrypted(message,data)
        correct key, there is no guarantee that a null will occur
        anywhere in the string. */
     (void) strncpy(idnumber,decrypt,(int)decrypt_len);
+    /* Check that the idnumber of a mismatched decryption doesn't overflow
+     * the buffer.
+     */
+    if (strlen(idnumber) != 9) {
+#ifdef DEBUG
+       com_err(whoami, 0, "idnumber wrong size, probable user mismatch\n");
+#endif
+       return(FAILURE);
+    }
     /* Point temp to the end of the plain text ID number. */
     temp = decrypt + strlen(idnumber) + 1;
     /* Find out how much more packet there is. */