projects
/
platform
/
upstream
/
curl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
9452469
)
pop3: Added 255 octet limit check when sending initial response
author
Steve Holme
<steve_holme@hotmail.com>
Sun, 28 Apr 2013 11:20:14 +0000
(12:20 +0100)
committer
Steve Holme
<steve_holme@hotmail.com>
Sun, 28 Apr 2013 11:26:11 +0000
(12:26 +0100)
Added 255 octet limit check as per Section 4. Paragraph 8 of RFC-5034.
lib/pop3.c
patch
|
blob
|
history
diff --git
a/lib/pop3.c
b/lib/pop3.c
index
339d6e4
..
bace72a
100644
(file)
--- a/
lib/pop3.c
+++ b/
lib/pop3.c
@@
-629,7
+629,8
@@
static CURLcode pop3_perform_authenticate(struct connectdata *conn)
if(mech && (pop3c->preftype & POP3_TYPE_SASL)) {
/* Perform SASL based authentication */
- if(initresp) {
+ if(initresp &&
+ 8 + strlen(mech) + len <= 255) { /* AUTH <mech> ...<crlf> */
result = Curl_pp_sendf(&pop3c->pp, "AUTH %s %s", mech, initresp);
if(!result)