From: Timo Sirainen Date: Thu, 30 Oct 2014 01:32:36 +0000 (-0700) Subject: lib-master: Removed fixed length limit for session-id. X-Git-Tag: 2.2.16.rc1~263 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=404150692ba0f5e710600220c0dccfbdf1b1d7cc;p=thirdparty%2Fdovecot%2Fcore.git lib-master: Removed fixed length limit for session-id. --- diff --git a/src/lib-master/master-login.c b/src/lib-master/master-login.c index fce19e3f46..7e2bdfba08 100644 --- a/src/lib-master/master-login.c +++ b/src/lib-master/master-login.c @@ -192,6 +192,7 @@ static void master_login_client_free(struct master_login_client **_client) client->conn->refcount--; } master_login_conn_unref(&client->conn); + i_free(client->session_id); i_free(client); } @@ -419,10 +420,6 @@ static void master_login_conn_input(struct master_login_connection *conn) break; } } - if (session_len >= sizeof(client->session_id)) { - i_error("login client: Session ID too long"); - session_len = 0; - } /* @UNSAFE: we have a request. do userdb lookup for it. */ req.data_size -= i; @@ -430,7 +427,7 @@ static void master_login_conn_input(struct master_login_connection *conn) client->conn = conn; client->fd = client_fd; client->auth_req = req; - memcpy(client->session_id, data, session_len); + client->session_id = i_strndup(data, session_len); memcpy(client->data, data+i, req.data_size); conn->refcount++; diff --git a/src/lib-master/master-login.h b/src/lib-master/master-login.h index 4bd667729f..1b9014a4a3 100644 --- a/src/lib-master/master-login.h +++ b/src/lib-master/master-login.h @@ -4,15 +4,13 @@ #include "master-auth.h" #define MASTER_POSTLOGIN_TIMEOUT_DEFAULT 60 -/* base64(<48bit timestamp>) + NUL */ -#define LOGIN_MAX_SESSION_ID_LEN 33 struct master_login_client { struct master_login_connection *conn; int fd; struct master_auth_request auth_req; - char session_id[LOGIN_MAX_SESSION_ID_LEN]; + char *session_id; unsigned char data[FLEXIBLE_ARRAY_MEMBER]; };