From 3b9be868ee2fa57f75c16563380c844dbe12ab0b Mon Sep 17 00:00:00 2001
From: Timo Sirainen <tss@iki.fi>
Date: Fri, 9 Jul 2004 13:57:32 +0300
Subject: [PATCH] We could read authid past the buffer if \0password wasn't
 given in input.

--HG--
branch : HEAD
---
 src/auth/mech-plain.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/auth/mech-plain.c b/src/auth/mech-plain.c
index d530bee74e..f639e6bfa2 100644
--- a/src/auth/mech-plain.c
+++ b/src/auth/mech-plain.c
@@ -42,10 +42,10 @@ mech_plain_auth_continue(struct auth_request *auth_request,
 		}
 	}
 
-	if (authenid == NULL) {
+	if (count != 2) {
 		/* invalid input */
 		if (verbose) {
-			i_info("plain(%s): no username given",
+			i_info("plain(%s): invalid input",
 			       get_log_prefix(auth_request));
 		}
 		mech_auth_finish(auth_request, NULL, 0, FALSE);
-- 
2.47.3