diff options
author | Cédric Bosdonnat <cbosdonnat@suse.com> | 2015-06-03 16:19:44 +0200 |
---|---|---|
committer | Christophe Fergeau <cfergeau@redhat.com> | 2015-06-16 09:53:35 +0200 |
commit | 939e643c2a014f973fd537b0420f8110ae13e856 (patch) | |
tree | 1cc62ab2c532cb5c9586e0aab886131b381beb97 | |
parent | 3c77eaa1d7f436e095c3042390b64d90851c350d (diff) |
Add password length check
Don't allow setting a too long password.
-rw-r--r-- | server/reds.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/server/reds.c b/server/reds.c index 12c0bf4c..cc26ca7e 100644 --- a/server/reds.c +++ b/server/reds.c @@ -3503,6 +3503,8 @@ SPICE_GNUC_VISIBLE int spice_server_set_ticket(SpiceServer *s, taTicket.expiration_time = now + lifetime; } if (passwd != NULL) { + if (strlen(passwd) > SPICE_MAX_PASSWORD_LENGTH) + return -1; g_strlcpy(taTicket.password, passwd, sizeof(taTicket.password)); } else { memset(taTicket.password, 0, sizeof(taTicket.password)); |