mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-09-03 07:45:47 +00:00
Code Issues Releases Wiki Activity

Be sure to NUL-terminate the decoded secret when converting from

Browse Source 
base64.
This commit is contained in:
Todd C. Miller
2014-07-13 15:23:32 -06:00
parent b5a6037a6c
commit 430ad0fa8a
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
plugins/sudoers/ldap.c
View File

@@ -1397,13 +1397,14 @@ sudo_ldap_decode_secret(const char *secret)
* length but padding may be missing so round up to a multiple of 4. * length but padding may be missing so round up to a multiple of 4.
*/ */
secret += sizeof("base64:") - 1; secret += sizeof("base64:") - 1;
reslen = ((strlen(secret) + 3) / 4 * 3) + 1; reslen = ((strlen(secret) + 3) / 4 * 3);
result = sudo_emalloc(reslen); result = sudo_emalloc(reslen + 1);
len = base64_decode(secret, result, reslen); len = base64_decode(secret, result, reslen);
if (len == (size_t)-1) { if (len == (size_t)-1) {
free(result); free(result);
result = NULL; result = NULL;
} }
result[len] = '\0';
} }
debug_return_str((char *)result); debug_return_str((char *)result);
} }