From: Ivo Timmermans <ivo@lychnis.net>
Date: Mon, 17 Apr 2000 16:52:58 +0000 (+0000)
Subject: Check for an illegal length of passphrase in read_passphrase().
X-Git-Tag: release-1.0pre1~93
X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=commitdiff_plain;h=c9246896901ff1ebad91ac399a4ea79fad941f75

Check for an illegal length of passphrase in read_passphrase().
---

diff --git a/src/encr.c b/src/encr.c
index e78ed5ec..c34c1c93 100644
--- a/src/encr.c
+++ b/src/encr.c
@@ -107,7 +107,12 @@ int read_passphrase(char *which, char **out)
     }
 
   fscanf(f, "%d ", &size);
-  size >>= 2; /* nibbles->bits */
+  if(size < 1 || size > (1<<15))
+    {
+      syslog(LOG_ERR, "Illegal passphrase in %s; size would be %d", filename, size);
+      return -1;
+    }
+  size >>= 2; /* bits->nibbles */
   pp = xmalloc(size+2);
   fgets(pp, size+1, f);
   fclose(f);