Thread: [Mixmaster-devel] r927 - trunk/Mix/Src
Brought to you by:
weaselp
From: <co...@as...> - 2006-02-19 20:46:48
|
Author: colin Date: 2006-02-19 21:46:35 +0100 (Sun, 19 Feb 2006) New Revision: 927 Modified: trunk/Mix/Src/keymgt.c Log: Fix buffer overflow in key-ids and explicitly only compare the correct nu= mber of chars Modified: trunk/Mix/Src/keymgt.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- trunk/Mix/Src/keymgt.c 2006-02-15 15:49:30 UTC (rev 926) +++ trunk/Mix/Src/keymgt.c 2006-02-19 20:46:35 UTC (rev 927) @@ -39,7 +39,7 @@ { FILE *keyring; BUFFER *iv, *pass, *temp; - char idstr[33]; + char idstr[34]; char line[LINELEN]; int err =3D -1; char *res; @@ -78,7 +78,7 @@ } while ( res !=3D NULL && strchr(line, ':') !=3D NULL ); if (res =3D=3D NULL) break; - if (keyid && !streq(line, idstr)) + if (keyid && (strncmp(line, idstr, 32) !=3D 0)) continue; if (created !=3D 0 && (created > time(NULL))) { errlog(ERRORMSG, "Key is not valid yet (creation date in the future):= %s", idstr); @@ -126,7 +126,7 @@ { FILE *keyring; BUFFER *b, *temp, *iv; - char idstr[33]; + char idstr[34]; char line[LINELEN]; int err =3D 0; =20 @@ -149,7 +149,7 @@ line[strlen(line)-1] =3D '\0'; if ((strlen(line) > 0) && (line[strlen(line)-1] =3D=3D '\r')) line[strlen(line)-1] =3D '\0'; - if (!streq(line, idstr)) + if (strncmp(line, idstr, 32) !=3D 0) continue; fgets(line, sizeof(line), keyring); /* ignore length */ for (;;) { |