return NULL;
}
- /* Authentication data must be provided */
- if (newp->auth_len < 1) {
- silc_auth_payload_free(newp);
- return NULL;
- }
-
/* If password authentication, random data must not be set */
if (newp->auth_method == SILC_AUTH_PASSWORD && newp->random_len) {
silc_auth_payload_free(newp);
{
SILC_LOG_DEBUG(("Verifying authentication"));
- if (!payload || auth_method != payload->auth_method)
+ if (auth_method != payload->auth_method)
return FALSE;
switch (payload->auth_method) {
case SILC_AUTH_PASSWORD:
/* Passphrase based authentication. The `pkcs', `hash', `id' and `type'
arguments are not needed. */
-
- /* Sanity checks */
- if ((payload->auth_len == 0) || !auth_data ||
- payload->auth_len != auth_data_len)
+ /* Carefully check that the auth_data field of the payload is not empty
+ (len=0), which seems to be a legal packet but would crash the
+ application. Maybe such packet should be dropped. -Johnny 2002/14/4 */
+ if ((payload->auth_len == 0) || !auth_data)
break;
+ /* if lengths mismatch, avoid comparing unallocated memory locations */
+ if (payload->auth_len != auth_data_len)
+ break;
if (!memcmp(payload->auth_data, auth_data, auth_data_len)) {
SILC_LOG_DEBUG(("Passphrase Authentication successful"));
return TRUE;