X-Git-Url: http://sjero.net/git/?a=blobdiff_plain;f=src%2Fhttp-ntlm.c;h=757d721e62548c17be66c34403c1343992f99dcb;hb=4d7c5e087b2bc82c9f503dff003916d1047903ce;hp=5e45c0dba0ce0d2ebb61aa4bc57ee94f98f38072;hpb=5d4ff69084c1e4d8fc002bcae499e653a8fa7a8f;p=wget

diff --git a/src/http-ntlm.c b/src/http-ntlm.c
index 5e45c0db..757d721e 100644
--- a/src/http-ntlm.c
+++ b/src/http-ntlm.c
@@ -1,12 +1,12 @@
 /* NTLM code.
-   Copyright (C) 2005 Free Software Foundation, Inc.
+   Copyright (C) 2005-2006 Free Software Foundation, Inc.
    Contributed by Daniel Stenberg.
 
 This file is part of GNU Wget.
 
 GNU Wget is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or
+the Free Software Foundation; either version 3 of the License, or
  (at your option) any later version.
 
 GNU Wget is distributed in the hope that it will be useful,
@@ -15,8 +15,7 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.
 
 You should have received a copy of the GNU General Public License
-along with Wget; if not, write to the Free Software Foundation, Inc.,
-51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+along with Wget.  If not, see <http://www.gnu.org/licenses/>.
 
 In addition, as a special exception, the Free Software Foundation
 gives permission to link the code of its release of Wget with the
@@ -524,6 +523,11 @@ ntlm_output (struct ntlmdata *ntlm, const char *user, const char *passwd,
     size=64;
     ntlmbuf[62]=ntlmbuf[63]=0;
 
+    /* Make sure that the user and domain strings fit in the target buffer
+       before we copy them there. */
+    if(size + userlen + domlen >= sizeof(ntlmbuf))
+      return NULL;
+    
     memcpy(&ntlmbuf[size], domain, domlen);
     size += domlen;