[network-manager-openvpn] service: use correct length in string comparison
- From: Thomas Haller <thaller src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [network-manager-openvpn] service: use correct length in string comparison
- Date: Wed, 5 Apr 2017 12:15:35 +0000 (UTC)
commit 5d1b309e31aea9484c70e2cb86610795622a1372
Author: Timo Juhani Lindfors <timo lindfors iki fi>
Date: Wed Apr 5 12:48:42 2017 +0300
service: use correct length in string comparison
This should not be a security issue. Old code just accepted
e.g. "CRV1foo" when only "CRV1:foo" should be parsed.
https://mail.gnome.org/archives/networkmanager-list/2017-April/msg00008.html
Fixes: 5b96fecb97c752e08fdcebb331b983196f4b8935
src/nm-openvpn-service.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/src/nm-openvpn-service.c b/src/nm-openvpn-service.c
index 862248f..20f86bf 100644
--- a/src/nm-openvpn-service.c
+++ b/src/nm-openvpn-service.c
@@ -652,7 +652,7 @@ parse_challenge (const char *failure_reason, char **challenge_state_id, char **c
char *colon[4];
int challenge_len;
- if (!(failure_reason && !strncmp (failure_reason, "CRV1:", 4)))
+ if (!(failure_reason && !strncmp (failure_reason, "CRV1:", 5)))
return FALSE;
colon[0] = strchr (failure_reason, ':');
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]