From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 13 Oct 2005 07:57:51 +0000 (+0000)
Subject: Make sure that the user and domain strings fit in the target buffer before we
X-Git-Tag: curl-7_15_0~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=943aea62679fb9f2d6d7abe59b5edcba21490c52;p=thirdparty%2Fcurl.git

Make sure that the user and domain strings fit in the target buffer before we
copy them there.
---

diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index 3e993cbf50..a64f611701 100644
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -713,6 +713,13 @@ CURLcode Curl_output_ntlm(struct connectdata *conn,
     size=64;
     ntlmbuf[62]=ntlmbuf[63]=0;
 
+    /* Make sure that the user and domain strings fit in the target buffer
+       before we copy them there. */
+    if(size + userlen + domlen >= sizeof(ntlmbuf)) {
+      failf(conn->data, "user + domain name too big");
+      return CURLE_OUT_OF_MEMORY;
+    }
+
     memcpy(&ntlmbuf[size], domain, domlen);
     size += domlen;