diff options
| author | Ian Moffett <ian@osmora.org> | 2025-02-21 18:30:45 -0500 |
|---|---|---|
| committer | Ian Moffett <ian@osmora.org> | 2025-02-21 18:30:45 -0500 |
| commit | 43191382e71295bf5637b6757f222f4c4b9b9e0e (patch) | |
| tree | 7e26dc9f206d031ce3084f779b9c9b036855448f | |
| parent | 8d0dc94a0cff804822659b9cba559cd3f83bf0c7 (diff) | |
session: Handle overflows
Signed-off-by: Ian Moffett <ian@osmora.org>
| -rw-r--r-- | lib/libostp/session.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/libostp/session.c b/lib/libostp/session.c index 35d7a8d..26b72bb 100644 --- a/lib/libostp/session.c +++ b/lib/libostp/session.c @@ -123,10 +123,13 @@ send_auth(int sockfd, const unsigned char *session_key, struct ostp_session *s) } /* Did it fail? */ - if (auth.code != AUTH_SUCCESS) { + if (auth.code != AUTH_SUCCESS && auth.code < NELEM(auth_codestr)) { LOG("Failed to authenticate, server says: %s\n", auth_codestr[auth.code]); return -1; + } else if (auth.code >= NELEM(auth_codestr)) { + LOG("Failed to authenticate, invalid code %d\n", auth.code); + return -1; } memcpy(s->username, auth.username, sizeof(auth.username)); |