remove coredump bug on bad ID numbers

author mar <mar>

Thu, 27 Jun 1991 15:05:29 +0000 (15:05 +0000)

committer mar <mar>

Thu, 27 Jun 1991 15:05:29 +0000 (15:05 +0000)
author mar <mar>
Thu, 27 Jun 1991 15:05:29 +0000 (15:05 +0000)
committer mar <mar>
Thu, 27 Jun 1991 15:05:29 +0000 (15:05 +0000)
diff --git a/reg_svr/reg_svr.c b/reg_svr/reg_svr.c

index 7e4015268136504c087f6411ad2100f3373d186c..1af4aa4a54673765145ade80b58defafb0c4832f 100644 (file)
--- a/reg_svr/reg_svr.c
+++ b/reg_svr/reg_svr.c
@@ -187,6 +187,15 @@ int parse_encrypted(message,data)
         correct key, there is no guarantee that a null will occur
         anywhere in the string. */
      (void) strncpy(idnumber,decrypt,(int)decrypt_len);
+    /* Check that the idnumber of a mismatched decryption doesn't overflow
+     * the buffer.
+     */
+    if (strlen(idnumber) != 9) {
+#ifdef DEBUG
+       com_err(whoami, 0, "idnumber wrong size, probable user mismatch\n");
+#endif
+       return(FAILURE);
+    }
      /* Point temp to the end of the plain text ID number. */
      temp = decrypt + strlen(idnumber) + 1;
      /* Find out how much more packet there is. */