X-Git-Url: http://sjero.net/git/?a=blobdiff_plain;f=src%2Fhttp-ntlm.c;h=757d721e62548c17be66c34403c1343992f99dcb;hb=4d7c5e087b2bc82c9f503dff003916d1047903ce;hp=8a95cb7b959e352447170dc27337a9e8394cb44b;hpb=74fbb03b10f6148b5a0cf5b8831b1872e55df7f6;p=wget
diff --git a/src/http-ntlm.c b/src/http-ntlm.c
index 8a95cb7b..757d721e 100644
--- a/src/http-ntlm.c
+++ b/src/http-ntlm.c
@@ -1,12 +1,12 @@
/* NTLM code.
- Copyright (C) 2005 Free Software Foundation, Inc.
- Donated by Daniel Stenberg.
+ Copyright (C) 2005-2006 Free Software Foundation, Inc.
+ Contributed by Daniel Stenberg.
This file is part of GNU Wget.
GNU Wget is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or
+the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
GNU Wget is distributed in the hope that it will be useful,
@@ -15,8 +15,7 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
-along with Wget; if not, write to the Free Software
-Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+along with Wget. If not, see .
In addition, as a special exception, the Free Software Foundation
gives permission to link the code of its release of Wget with the
@@ -37,7 +36,6 @@ so, delete this exception statement from your version. */
*/
-/* -- WIN32 approved -- */
#include
#include
#include
@@ -525,6 +523,11 @@ ntlm_output (struct ntlmdata *ntlm, const char *user, const char *passwd,
size=64;
ntlmbuf[62]=ntlmbuf[63]=0;
+ /* Make sure that the user and domain strings fit in the target buffer
+ before we copy them there. */
+ if(size + userlen + domlen >= sizeof(ntlmbuf))
+ return NULL;
+
memcpy(&ntlmbuf[size], domain, domlen);
size += domlen;