summaryrefslogtreecommitdiff
path: root/testing/cyrus-sasl/0018_auth_rimap_quotes.patch
blob: 13fa999f0dc2eff6c79dc2283015205132ac8f3b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
0016_auth_rimap_quotes.dpatch by  <fabbe@debian.org>

All lines beginning with `## DP:' are a description of the patch.
Avoid infinite loop when username/password has a double quote character.
Upstream change: https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/saslauthd/auth_rimap.c.diff?r1=1.12;r2=1.13

diff -urNad etch~/saslauthd/auth_rimap.c etch/saslauthd/auth_rimap.c
--- etch~/saslauthd/auth_rimap.c	2007-03-29 15:16:20.000000000 +0300
+++ etch/saslauthd/auth_rimap.c	2008-02-13 13:42:53.000000000 +0200
@@ -162,6 +162,7 @@
     num_quotes = 0;
     p1 = s;
     while ((p1 = strchr(p1, '"')) != NULL) {
+	p1++;
 	num_quotes++;
     }
     
@@ -438,7 +439,7 @@
 	syslog(LOG_WARNING, "auth_rimap: writev: %m");
 	memset(qlogin, 0, strlen(qlogin));
 	free(qlogin);
-	memset(qpass, 0, strlen(qlogin));
+	memset(qpass, 0, strlen(qpass));
 	free(qpass);
 	(void)close(s);
 	return strdup(RESP_IERROR);
@@ -447,7 +448,7 @@
     /* don't need these any longer */
     memset(qlogin, 0, strlen(qlogin));
     free(qlogin);
-    memset(qpass, 0, strlen(qlogin));
+    memset(qpass, 0, strlen(qpass));
     free(qpass);
 
     /* read and parse the LOGIN response */