← Back to branch summary

~ubuntu-branches/ubuntu/hardy/wget/hardy

« back to all changes in this revision

Viewing changes to src/http-ntlm.c

  • Committer: Bazaar Package Importer
  • Author(s): Noèl Köthe
  • Date: 2005-10-13 16:59:03 UTC
  • mfrom: (1.1.2 upstream)
  • Revision ID: james.westby@ubuntu.com-20051013165903-3e12j4gn6znkhmdb
Tags: 1.10.2-1
new upstream release which fixes a NTLM Buffer Overflow Vulnerability

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/http-ntlm.c
526
526
    size=64;
527
527
    ntlmbuf[62]=ntlmbuf[63]=0;
528
528
 
 
529
    /* Make sure that the user and domain strings fit in the target buffer
 
530
       before we copy them there. */
 
531
    if(size + userlen + domlen >= sizeof(ntlmbuf))
 
532
      return NULL;
 
533
    
529
534
    memcpy(&ntlmbuf[size], domain, domlen);
530
535
    size += domlen;
531
536