ref: c501fe69366175312b39f7eead949f9b27c03ef6
parent: 0b3ad2b562a91608a433e49baa4633dcb7aa32e9
author: cinap_lenrek <cinap_lenrek@gmx.de>
date: Thu Oct 17 11:31:07 EDT 2013
factotum: fix mschap password (utf-8 to utf-16) conversion using strlen() gives the number of bytes in the utf-8 string. could use utflen() instead, but decided to just go in a loop and get rid of the counters all together. UTF-16 surrogates are not handled.
--- a/sys/src/cmd/auth/factotum/chap.c
+++ b/sys/src/cmd/auth/factotum/chap.c
@@ -390,16 +390,13 @@
doNTchap(char *pass, uchar chal[ChapChallen], uchar reply[MSchapResplen])
{Rune r;
- int i, n;
uchar digest[MD4dlen];
- uchar *w, unipass[256];
+ uchar *w, unipass[128*2]; // Standard says unlimited length, experience says 128 max
- // Standard says unlimited length, experience says 128 max
- if ((n = strlen(pass)) > 128)
- n = 128;
-
- for(i=0, w=unipass; i < n; i++) {+ w=unipass;
+ while(*pass != '\0' && w < &unipass[nelem(unipass)]){pass += chartorune(&r, pass);
+ /* BUG: UTF-16 surrogates */
*w++ = r & 0xff;
*w++ = r >> 8;
}
--
⑨