Prevent possible buffer overflows when using very large (>= 8192 bit) RSA keys.

[tinc] / src / protocol.h

diff --git a/src/protocol.h b/src/protocol.h
index 7d6181e..d6a35be 100644 (file)
--- a/src/protocol.h
+++ b/src/protocol.h
@@ -1,7 +1,7 @@
 /*
     protocol.h -- header for protocol.c
-    Copyright (C) 1999-2004 Ivo Timmermans <ivo@tinc-vpn.org>,
-                  2000-2004 Guus Sliepen <guus@tinc-vpn.org>
+    Copyright (C) 1999-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
+                  2000-2005 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -56,9 +56,12 @@ typedef struct past_request_t {
 
 extern bool tunnelserver;
 
-/* Maximum size of strings in a request */
+/* Maximum size of strings in a request.
+ * scanf terminates %2048s with a NUL character,
+ * but the NUL character can be written after the 2048th non-NUL character.
+ */
 
-#define MAX_STRING_SIZE 2048
+#define MAX_STRING_SIZE 2049
 #define MAX_STRING "%2048s"
 
 #include "edge.h"