RE: [squid-users] ntlmGetString: insane: ? from Henrik Nordstrom on 2008-05-20 (squid-users)

From: Henrik Nordstrom <henrik_at_henriknordstrom.net>
Date: Wed, 21 May 2008 01:37:26 +0200

On mån, 2008-05-19 at 18:00 +0200, Falk wrote:
> Humm, followup from meself..
>
> line 228 in fakeauth_auth.h
> /* Sanity checks. XXX values arbitrarialy chosen */
> if (l <= 0 || o <= 0 || l >= 32 || o >= 256) {
> fprintf(stderr, "ntlmGetString: insane: l:%d o:%d\n", l, o);
> return (NULL);
>
> Is there some check for buffer overflow there that is set to 32?
> When I tried to change SSWAP 64 the fakeauth_auth.c they got authed by
> fakeauth..
>
> Any ideas why this is 32, or why these clients sets 32 and 34?

I think the comment above answers the why part...

Regards
Henrik

application/pgp-signature attachment: This is a digitally signed message part

Received on Tue May 20 2008 - 23:37:30 MDT

This archive was generated by hypermail 2.2.0 : Tue Aug 05 2008 - 01:05:13 MDT