fixed crash when bogus payload (auth_data == NULL) was received.

[silc.git] / lib / silccore / silcauth.c

diff --git a/lib/silccore/silcauth.c b/lib/silccore/silcauth.c
index e38eff0b3b5171e918271e8fbb8c5963fc083d40..73da54044d3124dc564c82252ad24bad4a05bc06 100644 (file)
--- a/lib/silccore/silcauth.c
+++ b/lib/silccore/silcauth.c
@@ -92,28 +92,13 @@ SilcBuffer silc_auth_payload_encode(SilcAuthMethod method,
 {
   SilcBuffer buffer;
   SilcUInt32 len;
-  unsigned char *autf8 = NULL;
-  SilcUInt32 autf8_len;
 
   SILC_LOG_DEBUG(("Encoding Authentication Payload"));
 
-  /* Passphrase MUST be UTF-8 encoded, encode if it is not */
-  if (method == SILC_AUTH_PASSWORD && !silc_utf8_valid(auth_data, auth_len)) {
-    autf8_len = silc_utf8_encoded_len(auth_data, auth_len, 0);
-    if (!autf8_len)
-      return NULL;
-    autf8 = silc_calloc(autf8_len, sizeof(*autf8));
-    auth_len = silc_utf8_encode(auth_data, auth_len, 0, autf8, autf8_len);
-    auth_data = (const unsigned char *)autf8;
-  }
-
   len = 2 + 2 + 2 + random_len + 2 + auth_len;
   buffer = silc_buffer_alloc_size(len);
-  if (!buffer) {
-    silc_free(autf8);
+  if (!buffer)
     return NULL;
-  }
-
   silc_buffer_format(buffer,
                     SILC_STR_UI_SHORT(len),
                     SILC_STR_UI_SHORT(method),
@@ -123,7 +108,6 @@ SilcBuffer silc_auth_payload_encode(SilcAuthMethod method,
                     SILC_STR_UI_XNSTRING(auth_data, auth_len),
                     SILC_STR_END);
 
-  silc_free(autf8);
   return buffer;
 }
 
@@ -151,7 +135,7 @@ SilcAuthMethod silc_auth_get_method(SilcAuthPayload payload)
   return payload->auth_method;
 }
 
-/* Get the authentication data. If this is passphrase it is UTF-8 encoded. */
+/* Get the authentication data */
 
 unsigned char *silc_auth_get_data(SilcAuthPayload payload,
                                  SilcUInt32 *auth_len)
@@ -385,8 +369,17 @@ bool silc_auth_verify(SilcAuthPayload payload, SilcAuthMethod auth_method,
   case SILC_AUTH_PASSWORD:
     /* Passphrase based authentication. The `pkcs', `hash', `id' and `type'
        arguments are not needed. */
+    /* Carefully check that the auth_data field of the payload is not empty
+       (len=0), which seems to be a legal packet but would crash the
+       application. Maybe such packet should be dropped. -Johnny 2002/14/4 */
+    if ((payload->auth_len == 0) || !auth_data)
+      break;
+
+    /* if lengths mismatch, avoid comparing unallocated memory locations */
+    if (payload->auth_len != auth_data_len)
+      break;
     if (!memcmp(payload->auth_data, auth_data, auth_data_len)) {
-      SILC_LOG_DEBUG(("Authentication successful"));
+      SILC_LOG_DEBUG(("Passphrase Authentication successful"));
       return TRUE;
     }
     break;
@@ -408,8 +401,7 @@ bool silc_auth_verify(SilcAuthPayload payload, SilcAuthMethod auth_method,
 
 /* Same as above but parses the authentication payload before verify. */
 
-bool silc_auth_verify_data(const unsigned char *payload, 
-                          SilcUInt32 payload_len,
+bool silc_auth_verify_data(const unsigned char *payload, SilcUInt32 payload_len,
                           SilcAuthMethod auth_method, const void *auth_data,
                           SilcUInt32 auth_data_len, SilcHash hash, 
                           const void *id, SilcIdType type)