Make sure that the user and domain strings fit in the target buffer before we copy them there.

commit: 943aea62679fb9f2d6d7abe59b5edcba21490c52 [log] [tgz]
author: Daniel Stenberg <daniel@haxx.se> Thu Oct 13 07:57:51 2005 +0000
committer: Daniel Stenberg <daniel@haxx.se> Thu Oct 13 07:57:51 2005 +0000
tree: 14d06900101bad70df8509368f78bf11f91eacb9
parent: b433e4a1e78b4a93857779ab3997ad88efa38140 [diff]
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index 3e993cb..a64f611 100644
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c

@@ -713,6 +713,13 @@
     size=64;
     ntlmbuf[62]=ntlmbuf[63]=0;
 
+    /* Make sure that the user and domain strings fit in the target buffer
+       before we copy them there. */
+    if(size + userlen + domlen >= sizeof(ntlmbuf)) {
+      failf(conn->data, "user + domain name too big");
+      return CURLE_OUT_OF_MEMORY;
+    }
+
     memcpy(&ntlmbuf[size], domain, domlen);
     size += domlen;
commit	943aea62679fb9f2d6d7abe59b5edcba21490c52	[log] [tgz]
author	Daniel Stenberg <daniel@haxx.se>	Thu Oct 13 07:57:51 2005 +0000
committer	Daniel Stenberg <daniel@haxx.se>	Thu Oct 13 07:57:51 2005 +0000
tree	14d06900101bad70df8509368f78bf11f91eacb9
parent	b433e4a1e78b4a93857779ab3997ad88efa38140 [diff]