From 9209a887cc3ecfa0f3ae0af3d1e1d98c49feb5f2 Mon Sep 17 00:00:00 2001 From: David Anderson Date: Sat, 29 Dec 2012 17:10:16 -0800 Subject: [PATCH] - client: don't crash if GUI RPC password is too long (from RustyBSD) --- checkin_notes | 8 ++++++++ client/gui_rpc_server_ops.cpp | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/checkin_notes b/checkin_notes index ca5656e584..fcab8ec83d 100644 --- a/checkin_notes +++ b/checkin_notes @@ -7978,6 +7978,14 @@ David 29 Dec 2012 - gui_rpc_auth.cfg is empty, or - it doesn't exist and we can't open it for writing, or - the write to it fails + (from RustyBSD) client/ gui_rpc_server.cpp + +David 29 Dec 2012 + - client: don't crash if GUI RPC password is too long + (from RustyBSD) + + client/ + gui_rpc_server_ops.cpp diff --git a/client/gui_rpc_server_ops.cpp b/client/gui_rpc_server_ops.cpp index 8db3771fa9..7c62fca18d 100644 --- a/client/gui_rpc_server_ops.cpp +++ b/client/gui_rpc_server_ops.cpp @@ -80,7 +80,7 @@ void GUI_RPC_CONN::handle_auth1(MIOFILE& fout) { } int GUI_RPC_CONN::handle_auth2(char* buf, MIOFILE& fout) { - char nonce_hash[256], nonce_hash_correct[256], buf2[256]; + char nonce_hash[256], nonce_hash_correct[256], buf2[512]; if (!parse_str(buf, "", nonce_hash, 256)) { auth_failure(fout); return ERR_AUTHENTICATOR;