From f61fa6d30aae87b06763e376ca74dfd8d6b4d8b5 Mon Sep 17 00:00:00 2001
From: "Eric S. Raymond" <esr@thyrsus.com>
Date: Thu, 4 Oct 2001 11:58:22 +0000
Subject: Don't call with a potentially bad value.

svn path=/trunk/; revision=3539
---
 gssapi.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'gssapi.c')

diff --git a/gssapi.c b/gssapi.c
index cfc16d27..8dfb5a69 100644
--- a/gssapi.c
+++ b/gssapi.c
@@ -120,6 +120,8 @@ int do_gssauth(int sock, char *command, char *hostname, char *username)
 	        return result;
 	    }
 	    request_buf.length = from64tobits(buf2, buf1 + 2, sizeof(buf2));
+	    if (request_buf.length == -1)	/* in case of bad data */
+		request_buf.length = 0
 	    request_buf.value = buf2;
 	    sec_token = &request_buf;
         }
@@ -132,6 +134,8 @@ int do_gssauth(int sock, char *command, char *hostname, char *username)
         return result;
 
     request_buf.length = from64tobits(buf2, buf1 + 2, sizeof(buf2));
+    if (request_buf.length == -1)	/* in case of bad data */
+	request_buf.length = 0
     request_buf.value = buf2;
 
     maj_stat = gss_unwrap(&min_stat, context, 
-- 
cgit v1.2.3