diff options
| author | Matthias Andree <matthias.andree@gmx.de> | 2012-08-13 20:48:12 +0200 |
|---|---|---|
| committer | Matthias Andree <matthias.andree@gmx.de> | 2012-08-13 21:00:21 +0200 |
| commit | 3fbc7cd331602c76f882d1b507cd05c1d824ba8b (patch) | |
| tree | e153acf66d6583d9bf108dbf5b946283f244550f /ntlmsubr.c | |
| parent | 0780b0e7a19dc8058cfc93e41f27a9965434b085 (diff) | |
| download | fetchmail-3fbc7cd331602c76f882d1b507cd05c1d824ba8b.tar.gz fetchmail-3fbc7cd331602c76f882d1b507cd05c1d824ba8b.tar.bz2 fetchmail-3fbc7cd331602c76f882d1b507cd05c1d824ba8b.zip | |
Fix crash: Handle invalid base64 in NTLM challenge.
Some servers, for instance the MS Exchange servers deployed by the
US-American National Aeronautics and Space Administration (NASA),
aborted the NTLM protocol exchange after receiving the initial request.
Fetchmail did not detect that there was an error message, rather than
NTLM protocol exchange, and caught a segmentation fault while reading
from a bad location.
Detect base64 decoding errors, and return PS_AUTHFAIL in this case.
Reported by J[ames] Porter Clark.
Diffstat (limited to 'ntlmsubr.c')
| -rw-r--r-- | ntlmsubr.c | 9 |
1 files changed, 8 insertions, 1 deletions
@@ -55,7 +55,14 @@ int ntlm_helper(int sock, struct query *ctl, const char *proto) if ((result = gen_recv(sock, msgbuf, sizeof msgbuf))) goto cancelfail; - (void)from64tobits (&challenge, msgbuf, sizeof(challenge)); + if ((result = from64tobits (&challenge, msgbuf, sizeof(challenge))) < 0) + { + report (stderr, GT_("could not decode BASE64 challenge\n")); + /* We do not goto cancelfail; the server has already sent the + * tagged reply, so the protocol exchange has ended, no need + * for us to send the asterisk. */ + return PS_AUTHFAIL; + } if (outlevel >= O_DEBUG) dumpSmbNtlmAuthChallenge(stdout, &challenge); |