AFP3 with UTF8 ckeck name parameter is not too big.

diff --git a/etc/afpd/directory.c b/etc/afpd/directory.c
index 1dc0c51cae44dd51621ce47262ce2037105cb360..fde61b9985abc556666f92e8b2c937b4959de6a9 100644 (file)
--- a/etc/afpd/directory.c
+++ b/etc/afpd/directory.c
@@ -1,5 +1,5 @@
 /*
- * $Id: directory.c,v 1.68 2003-04-16 06:55:44 didg Exp $
+ * $Id: directory.c,v 1.69 2003-04-20 06:13:40 didg Exp $
  *
  * Copyright (c) 1990,1993 Regents of The University of Michigan.
  * All Rights Reserved.  See COPYRIGHT.
@@ -990,7 +990,6 @@ char        **cpath;
     default:
         afp_errno = AFPERR_PARAM;
         return( NULL );
-    
     }
     *cpath += len + size;
     *path = '\0';
@@ -1061,6 +1060,10 @@ char     **cpath;
         p = path;
         while ( *data != sep && len > 0 ) {
             *p++ = *data++;
+            if (p > &path[ MAXPATHLEN]) {
+                afp_errno = AFPERR_PARAM;
+                return( NULL );
+            }
             len--;
         }
 

diff --git a/etc/afpd/file.c b/etc/afpd/file.c
index 65d259390cb15c6efa57af5e382ea3212f97f5e2..3c4e5a4126fedb5292f8ffb17e28708bedc79e0a 100644 (file)
--- a/etc/afpd/file.c
+++ b/etc/afpd/file.c
@@ -1,5 +1,5 @@
 /*
- * $Id: file.c,v 1.89 2003-04-09 06:06:34 didg Exp $
+ * $Id: file.c,v 1.90 2003-04-20 06:13:41 didg Exp $
  *
  * Copyright (c) 1990,1993 Regents of The University of Michigan.
  * All Rights Reserved.  See COPYRIGHT.
@@ -1053,7 +1053,11 @@ u_int32_t   hint;
         memcpy(&len16, ibuf, sizeof(len16));
         ibuf += sizeof(len16);
         plen = ntohs(len16);
+        
         if (plen) {
+            if (plen > AFPOBJ_TMPSIZ) {
+               return -1;
+            }
             strncpy( newname, ibuf, plen );
             newname[ plen ] = '\0';
             if (strlen(newname) != plen) {