Follow-up to fad3040499293b1ff4ff634680163fcab4ca5e70

- Corrected token length limit detection when the token is shorter than 32 characters. Special thanks to Lemongrass3110. Signed-off-by: Haru <haru@dotalux.com>
author: Haru <haru@dotalux.com> 2013-10-16 06:04:42 +0200
committer: Haru <haru@dotalux.com> 2013-10-16 06:04:42 +0200
commit: cee30749f018d1018878cf55b1f4550a95bd9ff7 (patch)
tree: 52ee059f186893c0efae03fb421cdce2ab331043 /src/login/login.c
parent: 16f6df0c89cb08e44654e3930478682dbb24b2b3 (diff)
download: hercules-cee30749f018d1018878cf55b1f4550a95bd9ff7.tar.gz
hercules-cee30749f018d1018878cf55b1f4550a95bd9ff7.tar.bz2
hercules-cee30749f018d1018878cf55b1f4550a95bd9ff7.tar.xz
hercules-cee30749f018d1018878cf55b1f4550a95bd9ff7.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/login/login.c b/src/login/login.c
index f81ee30c7..7de5dbb76 100644
--- a/src/login/login.c
+++ b/src/login/login.c
@@ -1404,7 +1404,7 @@ int parse_login(int fd)
 				}
 
 				safestrncpy(username, accname, NAME_LENGTH);
-				safestrncpy(password, token, PASSWD_LEN);
+				safestrncpy(password, token, min(uTokenLen+1, PASSWD_LEN)); // Variable-length field, don't copy more than necessary
 				clienttype = RFIFOB(fd, 8);
 			}
 			else
author	Haru <haru@dotalux.com>	2013-10-16 06:04:42 +0200
committer	Haru <haru@dotalux.com>	2013-10-16 06:04:42 +0200
commit	cee30749f018d1018878cf55b1f4550a95bd9ff7 (patch)
tree	52ee059f186893c0efae03fb421cdce2ab331043 /src/login/login.c
parent	16f6df0c89cb08e44654e3930478682dbb24b2b3 (diff)
download	hercules-cee30749f018d1018878cf55b1f4550a95bd9ff7.tar.gz hercules-cee30749f018d1018878cf55b1f4550a95bd9ff7.tar.bz2 hercules-cee30749f018d1018878cf55b1f4550a95bd9ff7.tar.xz hercules-cee30749f018d1018878cf55b1f4550a95bd9ff7.zip