From fa950c94804fb5c93989b5ca62a60b3b6eb6e414 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 30 Apr 2015 12:50:22 +0200 Subject: [PATCH] fix bug in ssl_mail_client --- ChangeLog | 2 ++ programs/ssl/ssl_mail_client.c | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 7e7374bd5..e904eb819 100644 --- a/ChangeLog +++ b/ChangeLog @@ -33,6 +33,8 @@ Features errors on use of deprecated functions. Bugfix + * Fix bug in ssl_mail_client when password is longer that username (found + by Bruno Pape). * Fix undefined behaviour (memcmp( NULL, NULL, 0 );) in X.509 modules (detected by Clang's 3.6 UBSan). * mpi_size() and mpi_msb() would segfault when called on an mpi that is diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index fcda1dde3..27c57a17f 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -722,7 +722,7 @@ int main( int argc, char *argv[] ) polarssl_printf( " > Write username to server: %s", opt.user_name ); fflush( stdout ); - n = sizeof( buf ); + n = sizeof( base ); ret = base64_encode( base, &n, (const unsigned char *) opt.user_name, strlen( opt.user_name ) ); @@ -743,6 +743,7 @@ int main( int argc, char *argv[] ) polarssl_printf( " > Write password to server: %s", opt.user_pwd ); fflush( stdout ); + n = sizeof( base ); ret = base64_encode( base, &n, (const unsigned char *) opt.user_pwd, strlen( opt.user_pwd ) );