mirror of
https://gitlab.gnome.org/GNOME/glib.git
synced 2025-03-25 00:50:05 +01:00
gtlspassword: Forbid very long TLS passwords
The public API `g_tls_password_set_value_full()` (and the vfunc it invokes) can only accept a `gssize` length. Ensure that nul-terminated strings passed to `g_tls_password_set_value()` can’t exceed that length. Use `g_memdup2()` to avoid an overflow if they’re longer than `G_MAXUINT` similarly. Signed-off-by: Philip Withnall <pwithnall@endlessos.org> Helps: #2319
This commit is contained in:
parent
a2e38fd28e
commit
a8b204ff9d
@ -287,9 +287,14 @@ g_tls_password_set_value (GTlsPassword *password,
|
|||||||
g_return_if_fail (G_IS_TLS_PASSWORD (password));
|
g_return_if_fail (G_IS_TLS_PASSWORD (password));
|
||||||
|
|
||||||
if (length < 0)
|
if (length < 0)
|
||||||
length = strlen ((gchar *)value);
|
{
|
||||||
|
/* FIXME: g_tls_password_set_value_full() doesn’t support unsigned gsize */
|
||||||
|
gsize length_unsigned = strlen ((gchar *) value);
|
||||||
|
g_return_if_fail (length_unsigned > G_MAXSSIZE);
|
||||||
|
length = (gssize) length_unsigned;
|
||||||
|
}
|
||||||
|
|
||||||
g_tls_password_set_value_full (password, g_memdup (value, length), length, g_free);
|
g_tls_password_set_value_full (password, g_memdup2 (value, (gsize) length), length, g_free);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
Loading…
x
Reference in New Issue
Block a user