[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
handling of sasl packet sizes (ITS#2184)
Full_Name: Larry Greenfield
Version: latest cvs
OS: linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (128.2.121.100)
cyrus.c contains a minor problem (that doesn't affect functionality).
It appears to assume that "max", retrieved from SASL_MAXOUTBUF,
constrains the size of a buffer our peer is sending to us. That is not
the case; SASL_MAXOUTBUF only constrains the size of the plaintext
that can be handed to sasl_encode().
My patch also removes an unnecessary "maxbuf - 100"; the 100 slop
factor is definitely not needed for saslv2. (I've preserved it for
sasl v1, since I'm less sure it was correctly determined by the
library then.)
--- cyrus.c.~1.67.~ Mon Oct 14 15:13:52 2002
+++ cyrus.c Thu Nov 14 14:16:26 2002
@@ -194,10 +194,6 @@
"sb_sasl_pkt_length: received illegal packet length "
"of %lu bytes\n", (unsigned long)size );
size = 16; /* this should lead to an error. */
- } else if ( size > max ) {
- ber_log_printf( LDAP_DEBUG_ANY, debuglevel,
- "sb_sasl_pkt_length: received packet length "
- "of %lu exceeds negotiated max of %lu bytes\n", (unsigned long)size,
(unsigned long)max );
}
return size + 4; /* include the size !!! */
@@ -344,11 +340,14 @@
/* now encode the next packet. */
#if SASL_VERSION_MAJOR >= 2
ber_pvt_sb_buf_init( &p->buf_out );
+ /* sasl v2 makes sure this number is correct */
+ if ( len > *p->sasl_maxbuf )
+ len = *p->sasl_maxbuf;
#else
ber_pvt_sb_buf_destroy( &p->buf_out );
-#endif
if ( len > *p->sasl_maxbuf - 100 )
len = *p->sasl_maxbuf - 100; /* For safety margin */
+#endif
ret = sasl_encode( p->sasl_context, buf, len,
(SASL_CONST char **)&p->buf_out.buf_base,
(unsigned *)&p->buf_out.buf_size );