[Spice-devel] Add password length checks

Submitted by Cedric Bosdonnat on May 22, 2015, 4:11 p.m.

Details

Message ID 1432311086-21148-1-git-send-email-cbosdonnat@suse.com
State New
Headers show

Not browsing as part of any series.

Commit Message

Cedric Bosdonnat May 22, 2015, 4:11 p.m.
Don't allow setting a too long password. Also send a specific error if
the user provides a too long password for client to be able to tell the
user about it.
---
 Note: This patch needs a pending one in spice-common, submodule will need
 to be updated.

 server/reds.c | 7 +++++++
 1 file changed, 7 insertions(+)

Patch hide | download patch | download mbox

diff --git a/server/reds.c b/server/reds.c
index 6d70b68..fc848ce 100644
--- a/server/reds.c
+++ b/server/reds.c
@@ -1892,6 +1892,11 @@  static void reds_handle_ticket(void *opaque)
         spice_warning("failed to decrypt RSA encrypted password: %s",
                       ERR_error_string(ERR_get_error(), NULL));
         goto error;
+    } else if (password_size > SPICE_MAX_PASSWORD_LENGTH) {
+        spice_warning("password exceeding maximum lenght");
+        reds_send_link_result(link, SPICE_LINK_ERR_INVALID_PASSWORD);
+        reds_link_free(link);
+        goto end;
     }
     password[password_size] = '\0';
 
@@ -3503,6 +3508,8 @@  SPICE_GNUC_VISIBLE int spice_server_set_ticket(SpiceServer *s,
         taTicket.expiration_time = now + lifetime;
     }
     if (passwd != NULL) {
+        if (strlen(passwd) > SPICE_MAX_PASSWORD_LENGTH)
+            return -1;
         g_strlcpy(taTicket.password, passwd, sizeof(taTicket.password));
     } else {
         memset(taTicket.password, 0, sizeof(taTicket.password));