From 23be13663049d4478c97fd8d4ff59df5984faa16 Mon Sep 17 00:00:00 2001
From: Ken Murchison
Date: Thu, 13 Jul 2017 11:39:11 -0400
Subject: [PATCH] Fixed issue #416: plugins/scram.c decode_saslname() returns corrupted authz name (using modified patch from wbclay)
---
 plugins/scram.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/plugins/scram.c b/plugins/scram.c
index 12f9aae8..a8030887 100644
--- a/plugins/scram.c
+++ b/plugins/scram.c
@@ -151,6 +151,8 @@ decode_saslname (char *buf)
 outp++;
 }
+ *outp = '\0';
+
 return SASL_OK;
 }
@@ -497,6 +499,7 @@ scram_server_mech_step1(server_context_t *text,
 unsigned *serveroutlen,
 sasl_out_params_t *oparams __attribute__((unused)))
 {
+ char * authorization_id;
 char * authentication_id;
 char * p;
 char * nonce;
@@ -602,12 +605,10 @@ scram_server_mech_step1(server_context_t *text,
 p++;
 if (p[0] == 'a' && p[1] == '=') {
- text->authorization_id = p + 2;
+ authorization_id = p + 2;
- p = strchr (text->authorization_id, ',');
+ p = strchr (authorization_id, ',');
 if (p == NULL) {
- text->authorization_id = NULL;
-
 SETERROR(sparams->utils, "At least nonce is expected in " SCRAM_SASL_MECH " input");
 result = SASL_BADPROT;
 goto cleanup;
@@ -621,7 +622,7 @@ scram_server_mech_step1(server_context_t *text,
 p++;
 /* Make a read-write copy we can modify */
- _plug_strdup(sparams->utils, text->authorization_id, &text->authorization_id, NULL);
+ _plug_strdup(sparams->utils, authorization_id, &text->authorization_id, NULL);
 if (decode_saslname(text->authorization_id) != SASL_OK) {
 SETERROR(sparams->utils, "Invalid authorization identity encoding in " SCRAM_SASL_MECH " input");
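Review bot: The added `*outp = '\0';` in decode_saslname() (hunk at -151) has no comment, and whether the write is in bounds depends on code this hunk does not show. The terminator is only safe if the in-place decode never produces more bytes than it consumes, so that `outp` still points inside `buf` after the loop. A one-line comment above the store would record that, for example `/* decoding in place never grows the string, so outp is still within buf */`. The loop that advances `outp` begins outside the hunk, so the invariant should be confirmed against the full function before the comment goes in.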
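Review bot: The new local `authorization_id` in scram_server_mech_step1() (hunk at -497) is declared without an initialiser. The hunk at -602 assigns it only inside the `if (p[0] == 'a' && p[1] == '=')` branch, and the hunk at -621 passes it to `_plug_strdup`. The lines between those two hunks are not shown, so the use appears to sit in the same branch but that cannot be confirmed from here. Declaring it as `char * authorization_id = NULL;` would make any later read on another path a NULL rather than an indeterminate pointer.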
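Review bot: The switch to a local `authorization_id` in the hunk at -602 is not explained in the code, so a later cleanup could fold it back into the context field. Before this change `text->authorization_id` briefly held `p + 2`, presumably a pointer into the message being parsed, and was reset to NULL on the `p == NULL` error path. After it, the field is written only by `_plug_strdup`. A comment at the assignment would keep that ownership rule visible, for example `/* borrowed pointer into the input; text->authorization_id only ever holds the heap copy made below */`. The enclosing if-block starts and ends outside this hunk.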
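Review bot: In the hunk at -621 the result of `_plug_strdup(...)` is still discarded, and the next line passes `text->authorization_id` straight to decode_saslname(), which writes through it. If `_plug_strdup` reports allocation failure through its return value and leaves the output pointer unset (its definition is not on this page), an out-of-memory condition during this pre-authentication step becomes a write through a NULL or stale pointer. Since the commit already touches this line, checking the result would close that: `result = _plug_strdup(sparams->utils, authorization_id, &text->authorization_id, NULL);` followed by `if (result != SASL_OK) goto cleanup;`. The if-block opened by the decode_saslname() check continues outside the hunk.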