The ipmitool will core dump if presented with a username >= to 16 characters. This patch resolves this problem by properly verifying that the username is no greater than 16 characters in length. In addition, the set password function was changed to use a stack based msg_data buffer instead of using malloc so that it was consistent with the set username implementation. The set password function was doing a malloc without a free, so it's implementation was incorrect.
Log in to post a comment.