shithub: riscv

Download patch

ref: a8f8de1cdeec7f9bee287c137b576e0249e8df82
parent: e83c9b3e61cf3aff761b9e662bc7495faa18b94c
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Wed Dec 16 16:30:56 EST 2015 

import/expoerfs: dont assert() fault when ai->secret is > 8 bytes, just use the first 8 bytes


--- a/sys/src/cmd/exportfs/exportfs.c
+++ b/sys/src/cmd/exportfs/exportfs.c
@@ -334,8 +334,9 @@
 		char fromserversecret[21];
 		int i;
 
-		assert(ai->nsecret <= sizeof(key)-4);
-		memmove(key+4, ai->secret, ai->nsecret);
+		if(ai->nsecret < 8)
+			fatal("secret too small for ssl");
+		memmove(key+4, ai->secret, 8);
 
 		/* exchange random numbers */
 		srand(truerand());
--- a/sys/src/cmd/import.c
+++ b/sys/src/cmd/import.c
@@ -192,8 +192,9 @@
 		char fromserversecret[21];
 		int i;
 
-		assert(ai->nsecret <= sizeof(key)-4);
-		memmove(key+4, ai->secret, ai->nsecret);
+		if(ai->nsecret < 8)
+			sysfatal("secret too small to ssl");
+		memmove(key+4, ai->secret, 8);
 
 		/* exchange random numbers */
 		srand(truerand());