correct key, there is no guarantee that a null will occur
anywhere in the string. */
(void) strncpy(idnumber,decrypt,(int)decrypt_len);
+ /* Check that the idnumber of a mismatched decryption doesn't overflow
+ * the buffer.
+ */
+ if (strlen(idnumber) != 9) {
+#ifdef DEBUG
+ com_err(whoami, 0, "idnumber wrong size, probable user mismatch\n");
+#endif
+ return(FAILURE);
+ }
/* Point temp to the end of the plain text ID number. */
temp = decrypt + strlen(idnumber) + 1;
/* Find out how much more packet there is. */