Mercurial > dropbear

changeset 1422:4cebe907dfd0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
limit input size
author Matt Johnston <matt@ucc.asn.au>
date Thu, 25 May 2017 22:21:23 +0800
parents 814f22d4a58f
children c1c3d5943bfc
files svr-authpubkey.c
diffstat 1 files changed, 3 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/svr-authpubkey.c	Thu May 25 00:10:18 2017 +0800
+++ b/svr-authpubkey.c	Thu May 25 22:21:23 2017 +0800
@@ -195,9 +195,9 @@
 	unsigned int pos, len;
 	int ret = DROPBEAR_FAILURE;
 
-	if (line->len < MIN_AUTHKEYS_LINE) {
-		TRACE(("checkpubkey: line too short"))
-		return DROPBEAR_FAILURE; /* line is too short for it to be a valid key */
+	if (line->len < MIN_AUTHKEYS_LINE || line->len > MAX_AUTHKEYS_LINE) {
+		TRACE(("checkpubkey: bad line length %d", line->len))
+		return DROPBEAR_FAILURE;
 	}
 
 	/* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */