Check for an illegal length of passphrase in read_passphrase().
authorIvo Timmermans <ivo@lychnis.net>
Mon, 17 Apr 2000 16:52:58 +0000 (16:52 +0000)
committerIvo Timmermans <ivo@lychnis.net>
Mon, 17 Apr 2000 16:52:58 +0000 (16:52 +0000)
src/encr.c

index e78ed5e..c34c1c9 100644 (file)
@@ -107,7 +107,12 @@ int read_passphrase(char *which, char **out)
     }
 
   fscanf(f, "%d ", &size);
-  size >>= 2; /* nibbles->bits */
+  if(size < 1 || size > (1<<15))
+    {
+      syslog(LOG_ERR, "Illegal passphrase in %s; size would be %d", filename, size);
+      return -1;
+    }
+  size >>= 2; /* bits->nibbles */
   pp = xmalloc(size+2);
   fgets(pp, size+1, f);
   fclose(f);