Posted to commits@subversion.apache.org by ko...@apache.org on 2016/04/21 10:50:56 UTC
svn commit: r1740254 - /subversion/trunk/subversion/svnserve/cyrus_auth.c
Author: kotkov
Date: Thu Apr 21 08:50:56 2016
New Revision: 1740254
URL: http://svn.apache.org/viewvc?rev=1740254&view=rev
Log:
svnserve: Reject invalid usernames when SASL is being used.
* subversion/svnserve/cyrus_auth.c
(canonicalize_username): Extend the sanity checks.
Modified:
subversion/trunk/subversion/svnserve/cyrus_auth.c
Modified: subversion/trunk/subversion/svnserve/cyrus_auth.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/svnserve/cyrus_auth.c?rev=1740254&r1=1740253&r2=1740254&view=diff
==============================================================================
--- subversion/trunk/subversion/svnserve/cyrus_auth.c (original)
+++ subversion/trunk/subversion/svnserve/cyrus_auth.c Thu Apr 21 08:50:56 2016
@@ -74,6 +74,8 @@ static int canonicalize_username(sasl_co
{
/* The only valid realm is user_realm (i.e. the repository's realm).
If the user gave us another realm, complain. */
+ if (realm_len != inlen-(pos-in+1))
+ return SASL_BADPROT;
if (strncmp(pos+1, user_realm, inlen-(pos-in+1)) != 0)
return SASL_BADPROT;
}
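Review bot: The comment above the added `realm_len` test still describes only the realm comparison, so nothing in the block says why a length check has to precede the `strncmp`. Because `strncmp(pos+1, user_realm, inlen-(pos-in+1))` examines only the first `inlen-(pos-in+1)` bytes, it returns 0 when the supplied realm is a proper prefix of `user_realm`, and also when nothing follows `pos` (length 0); a sentence to that effect in the comment would keep a later cleanup from dropping the new test as redundant. The expression `inlen-(pos-in+1)` now appears twice, so consider computing it once into a local and using it in both the comparison and the `strncmp` call. The declaration of `realm_len` is outside the visible context; please confirm its type matches that of the computed length so the `!=` is not a mixed signed/unsigned comparison.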