diff options
| author | Michael Vogt <michael.vogt@ubuntu.com> | 2012-08-28 11:57:51 +0200 |
|---|---|---|
| committer | Michael Vogt <michael.vogt@ubuntu.com> | 2012-08-28 11:57:51 +0200 |
| commit | 4e5e7371044be194c545dc31c8a1d03ed1b659b4 (patch) | |
| tree | 2b3af5825d5ea2addac1a71c7f55de709530f3bb | |
| parent | 9c9e20ba3cd6bcbdd995c39c33ae8863828116e0 (diff) | |
| parent | 7735ad0500b6fefef03b2a3dc2a6843e82353e94 (diff) | |
merged loginsize fix from lp:~mvo/apt/mvo
| -rw-r--r-- | apt-pkg/contrib/netrc.cc | 21 | ||||
| -rw-r--r-- | debian/changelog | 9 |
2 files changed, 25 insertions, 5 deletions
diff --git a/apt-pkg/contrib/netrc.cc b/apt-pkg/contrib/netrc.cc index 56e59d84b..2321ef063 100644 --- a/apt-pkg/contrib/netrc.cc +++ b/apt-pkg/contrib/netrc.cc @@ -15,6 +15,7 @@ #include <apt-pkg/configuration.h> #include <apt-pkg/strutl.h> +#include <apt-pkg/error.h> #include <apt-pkg/fileutl.h> #include <iostream> @@ -39,8 +40,8 @@ enum { }; /* make sure we have room for at least this size: */ -#define LOGINSIZE 64 -#define PASSWORDSIZE 64 +#define LOGINSIZE 256 +#define PASSWORDSIZE 256 #define NETRC DOT_CHAR "netrc" /* returns -1 on failure, 0 if the host is found, 1 is the host isn't found */ @@ -122,11 +123,21 @@ int parsenetrc (char *host, char *login, char *password, char *netrcfile = NULL) if (specific_login) state_our_login = !strcasecmp (login, tok); else + { + if (strlen(tok) > LOGINSIZE) + _error->Error("login token too long %i (max: %i)", + strlen(tok), LOGINSIZE); strncpy (login, tok, LOGINSIZE - 1); + } state_login = 0; } else if (state_password) { - if (state_our_login || !specific_login) + if (state_our_login || !specific_login) + { + if (strlen(tok) > PASSWORDSIZE) + _error->Error("password token too long %i (max %i)", + strlen(tok), PASSWORDSIZE); strncpy (password, tok, PASSWORDSIZE - 1); + } state_password = 0; } else if (!strcasecmp ("login", tok)) state_login = 1; @@ -162,8 +173,8 @@ void maybe_add_auth (URI &Uri, string NetRCFile) { if (NetRCFile.empty () == false) { - char login[64] = ""; - char password[64] = ""; + char login[LOGINSIZE] = ""; + char password[PASSWORDSIZE] = ""; char *netrcfile = strdup(NetRCFile.c_str()); // first check for a generic host based netrc entry diff --git a/debian/changelog b/debian/changelog index 101119141..c08596bec 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +apt (0.9.7.1ubuntu3) quantal; urgency=low + + [ TJ ] + * apt-pkg/contrib/netrc.cc: + - increase LOGINSIZE/PASSWORDSIZE limits and add proper error + if the limits are reached (LP: #1008289) + + -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 28 Aug 2012 11:57:22 +0200 + apt (0.9.7.1ubuntu2) quantal; urgency=low * ftparchive/override.cc: |