aboutsummaryrefslogtreecommitdiffstats
path: root/imap.c
diff options
context:
space:
mode:
authorMatthias Andree <matthias.andree@gmx.de>2005-07-23 16:24:00 +0000
committerMatthias Andree <matthias.andree@gmx.de>2005-07-23 16:24:00 +0000
commit6f8d0b5a7434b00180e1f7bd673772eb01fe1ba7 (patch)
tree26890daf52407e8c34cd7012cb1455e11bd46ad2 /imap.c
parent5d2dc02ed479ad06dcc003da9b869213350f31a0 (diff)
downloadfetchmail-6f8d0b5a7434b00180e1f7bd673772eb01fe1ba7.tar.gz
fetchmail-6f8d0b5a7434b00180e1f7bd673772eb01fe1ba7.tar.bz2
fetchmail-6f8d0b5a7434b00180e1f7bd673772eb01fe1ba7.zip
Fix IMAP code to use password of arbitrary length from configuration
file (although not when read interactively). Debian Bug#276424. svn path=/trunk/; revision=4170
Diffstat (limited to 'imap.c')
-rw-r--r--imap.c13
1 files changed, 10 insertions, 3 deletions
diff --git a/imap.c b/imap.c
index dceeca49..4642dad4 100644
--- a/imap.c
+++ b/imap.c
@@ -504,14 +504,21 @@ static int imap_getauth(int sock, struct query *ctl, char *greeting)
|| ctl->server.authenticate == A_PASSWORD)
{
/* these sizes guarantee no buffer overflow */
- char remotename[NAMELEN*2+1], password[PASSWORDLEN*2+1];
+ char *remotename, *password;
+ size_t rnl, pwl;
+ rnl = 2 * strlen(ctl->remotename) + 1;
+ pwl = 2 * strlen(ctl->password) + 1;
+ remotename = xmalloc(rnl);
+ password = xmalloc(pwl);
- imap_canonicalize(remotename, ctl->remotename, NAMELEN);
- imap_canonicalize(password, ctl->password, PASSWORDLEN);
+ imap_canonicalize(remotename, ctl->remotename, rnl);
+ imap_canonicalize(password, ctl->password, pwl);
snprintf(shroud, sizeof (shroud), "\"%s\"", password);
ok = gen_transact(sock, "LOGIN \"%s\" \"%s\"", remotename, password);
shroud[0] = '\0';
+ free(password);
+ free(remotename);
#ifdef SSL_ENABLE
/* this is for servers which claim to support TLS, but actually
* don't! */