Prevent possible buffer overflows when using very large (>= 8192 bit) RSA keys.

[tinc] / src / protocol.h

diff --git a/src/protocol.h b/src/protocol.h
index e85db5d..d6a35be 100644 (file)
--- a/src/protocol.h
+++ b/src/protocol.h
@@ -1,7 +1,7 @@
 /*
     protocol.h -- header for protocol.c
-    Copyright (C) 1999-2001 Ivo Timmermans <ivo@o2w.nl>,
-                  2000,2001 Guus Sliepen <guus@sliepen.eu.org>
+    Copyright (C) 1999-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
+                  2000-2005 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: protocol.h,v 1.5.4.44 2003/07/30 21:52:41 guus Exp $
+    $Id$
 */
 
 #ifndef __TINC_PROTOCOL_H__
@@ -54,9 +54,14 @@ typedef struct past_request_t {
        time_t firstseen;
 } past_request_t;
 
-/* Maximum size of strings in a request */
+extern bool tunnelserver;
 
-#define MAX_STRING_SIZE 2048
+/* Maximum size of strings in a request.
+ * scanf terminates %2048s with a NUL character,
+ * but the NUL character can be written after the 2048th non-NUL character.
+ */
+
+#define MAX_STRING_SIZE 2049
 #define MAX_STRING "%2048s"
 
 #include "edge.h"