From: Amos Jeffries <squid3@treenet.co.nz>
Date: Tue, 29 Jul 2008 13:00:30 +0000 (+1200)
Subject: Author: Markus <huaraz@moeller.plus.com>
X-Git-Tag: SQUID_3_1_0_1~49^2~126
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1f16a8cca28cb9e71586fd3ff0dc28fb7a8ee59e;p=thirdparty%2Fsquid.git

Author: Markus <huaraz@moeller.plus.com>
Bug 2426: Increase buffer in authenticateNegotiateStart
---

diff --git a/src/auth/negotiate/auth_negotiate.cc b/src/auth/negotiate/auth_negotiate.cc
index 36ff22f34b..cfde0a883a 100644
--- a/src/auth/negotiate/auth_negotiate.cc
+++ b/src/auth/negotiate/auth_negotiate.cc
@@ -55,6 +55,11 @@
  \ingroup AuthNegotiateAPI
  */
 
+/**
+ * Maximum length (buffer size) for token strings.
+ */
+#define MAX_AUTHTOKEN_LEN   32768
+
 static void
 authenticateNegotiateReleaseServer(AuthUserRequest * auth_user_request);
 
@@ -562,7 +567,7 @@ void
 AuthNegotiateUserRequest::module_start(RH * handler, void *data)
 {
     authenticateStateData *r = NULL;
-    static char buf[8192];
+    static char buf[MAX_AUTHTOKEN_LEN];
     negotiate_user_t *negotiate_user;
     AuthUser *auth_user = user();
 
@@ -588,9 +593,9 @@ AuthNegotiateUserRequest::module_start(RH * handler, void *data)
     AUTHUSERREQUESTLOCK(r->auth_user_request, "r");
 
     if (auth_state == AUTHENTICATE_STATE_INITIAL) {
-        snprintf(buf, 8192, "YR %s\n", client_blob); //CHECKME: can ever client_blob be 0 here?
+        snprintf(buf, MAX_AUTHTOKEN_LEN, "YR %s\n", client_blob); //CHECKME: can ever client_blob be 0 here?
     } else {
-        snprintf(buf, 8192, "KK %s\n", client_blob);
+        snprintf(buf, MAX_AUTHTOKEN_LEN, "KK %s\n", client_blob);
     }
 
     waiting = 1;