Passwords of length 16 not handled correctly
Wichert Akkerman
wichert at wiggy.net
Mon Aug 10 11:56:31 UTC 2009
I found another corner case in the password handling: normally passwords
are NUL-padded to be a multiple of 16 in length as part of
the PAP-obfuscation. chilli then decodes the obfuscated password and
ends up with a proper NUL-terminated string. However, if a password is
exactly 16 characters, or a multiple thereof, long, no NUL-padding
happens. As a result the password string chilli gets is never
NUL-terminated. The fix is easy: make sure the incoming password is
NUL-terminated so we can get a valid length for it and limit the decoded
password to strlen(conn->password) characters. I've attached a patch
with this change.
Wichert.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: pw16.diff
URL: <http://lists.coova.org/pipermail/chilli/attachments/20090810/60585acb/attachment.txt>
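
The corner case described in the message above, as an added C example (not chilli's code and not the attached patch). The function names `pap_pad` and `pap_to_cstr` are hypothetical, the sample passwords are constructed, and the MD5-based XOR step of PAP is left out so that only the padding and termination logic is shown.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAP_BLOCK 16
#define PAP_MAX   128   /* RFC 2865 limit on User-Password length */

/* Sender side: NUL-pad pw to the next multiple of 16 (RFC 2865, 5.2).
 * Returns the padded length, or 0 if pw is empty or too long (rejected
 * here for simplicity). A 16- or 32-byte password gets no padding. */
size_t pap_pad(const char *pw, uint8_t out[PAP_MAX])
{
    size_t len = strlen(pw);
    if (len == 0 || len > PAP_MAX)
        return 0;
    size_t padded = (len + PAP_BLOCK - 1) / PAP_BLOCK * PAP_BLOCK;
    memset(out, 0, padded);
    memcpy(out, pw, len);
    return padded;
}

/* Receiver side: turn the de-obfuscated attribute value (plain, plain_len)
 * into a C string. The length is bounded by the attribute length, never by
 * a NUL that may not be there. Returns the password length, or -1 if dst
 * cannot hold it plus the terminator. */
int pap_to_cstr(const uint8_t *plain, size_t plain_len, char *dst, size_t dst_size)
{
    const uint8_t *nul = memchr(plain, 0, plain_len);
    size_t len = nul ? (size_t)(nul - plain) : plain_len;
    if (len + 1 > dst_size)
        return -1;
    memcpy(dst, plain, len);
    dst[len] = '\0';               /* always terminate explicitly */
    return (int)len;
}

int main(void)
{
    const char *samples[] = { "short", "exactly16chars!!", /* constructed */
                              "thirty-two characters long pw!!!" };
    for (size_t i = 0; i < 3; i++) {
        uint8_t wire[PAP_MAX];
        char pw[PAP_MAX + 1];
        size_t n = pap_pad(samples[i], wire);
        int len = pap_to_cstr(wire, n, pw, sizeof pw);
        printf("padded=%zu has_nul=%d len=%d pw=%s\n",
               n, memchr(wire, 0, n) != NULL, len, pw);
    }
    return 0;
}
```

For the 16- and 32-character samples the padded buffer contains no NUL byte at all, so calling `strlen` on it directly would read past the end of the attribute.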