From 1405a0444d316791af6a473324be754789fb98a1 Mon Sep 17 00:00:00 2001
From: "Eric S. Raymond" <esr@thyrsus.com>
Date: Wed, 3 Oct 2001 11:49:04 +0000
Subject: Security audit fix.

svn path=/trunk/; revision=3534
---
 kerberos.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'kerberos.c')

diff --git a/kerberos.c b/kerberos.c
index f0da5a1a..a6d97758 100644
--- a/kerberos.c
+++ b/kerberos.c
@@ -69,7 +69,7 @@ int do_rfc1731(int sock, char *command, char *truename)
 	return result;
     }
 
-    len = from64tobits(challenge1.cstr, buf1);
+    len = from64tobits(challenge1.cstr, buf1, sizeof(challenge1.cstr));
     if (len < 0) {
 	report(stderr, GT_("could not decode initial BASE64 challenge\n"));
 	return PS_AUTHFAIL;
@@ -208,7 +208,7 @@ int do_rfc1731(int sock, char *command, char *truename)
      * process is complete.
      */
 
-    len = from64tobits(buf2, buf1);
+    len = from64tobits(buf2, buf1, sizeof(buf2x));
     if (len < 0) {
 	report(stderr, GT_("could not decode BASE64 ready response\n"));
 	return PS_AUTHFAIL;
-- 
cgit v1.2.3