bx/catgirl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Avoid sending null byte in SASL PLAIN

Browse Source 
Woops! BASE64_SIZE is the size of the string buffer. Somehow ergo
is the only server software (that I know of) to reject the accidental
null byte.

Reported by smlavine.
This commit is contained in:
June McEnroe 2022-01-16 14:17:46 -05:00
parent e7cec13723
commit 605f889ab5
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
handle.c
View File

@ -219,7 +219,7 @@ static void handleAuthenticate(struct Message *msg) {
char b64[BASE64_SIZE(sizeof(buf))]; char b64[BASE64_SIZE(sizeof(buf))];
base64(b64, buf, len); base64(b64, buf, len);
ircFormat("AUTHENTICATE "); ircFormat("AUTHENTICATE ");
ircSend(b64, BASE64_SIZE(len)); ircSend(b64, BASE64_SIZE(len) - 1);
ircFormat("\r\n"); ircFormat("\r\n");
explicit_bzero(b64, sizeof(b64)); explicit_bzero(b64, sizeof(b64));