From c359f114e4d5b956e0467538fc47b032a9dda5e4 Mon Sep 17 00:00:00 2001
From: Duncan Idaho <dune.idaho@gmail.com>
Date: Tue, 1 May 2012 18:27:58 +0000
Subject: [PATCH 19/19] lib/ipmi_main.c - limit len of password, user name
 Signed-off-by: Duncan Idaho <dune.idaho@gmail.com>

Commit limits length of user name and password that can be supplied by user.
Password is limited to 16 bytes, resp. 20 bytes, for LAN, resp. LAN+,
interface. User name is limited to 16 bytes, no interface limitations.

Reference: SF.net ID#3184687, ID#3001519
---
 lib/ipmi_main.c |   16 ++++++++++++++++
 1 files changed, 16 insertions(+), 0 deletions(-)

diff --git a/lib/ipmi_main.c b/lib/ipmi_main.c
index 3596206..22e3179 100644
--- a/lib/ipmi_main.c
+++ b/lib/ipmi_main.c
@@ -546,6 +546,10 @@ ipmi_main(int argc, char ** argv,
 			}
 			break;
 		case 'U':
+			if (strlen(optarg) > 16) {
+				lprintf(LOG_ERR, "Username is too long (> 16 bytes)");
+				goto out_free;
+			}
 			username = strdup(optarg);
 			if (username == NULL) {
 				lprintf(LOG_ERR, "%s: malloc failure", progname);
@@ -756,6 +760,18 @@ ipmi_main(int argc, char ** argv,
 		}
 	}
 
+	if (password != NULL && intfname != NULL) {
+		if (strcmp(intfname, "lan") == 0 && strlen(password) > 16) {
+			lprintf(LOG_ERR, "%s: password is longer than 16 bytes.", intfname);
+			rc = -1;
+			goto out_free;
+		} else if (strcmp(intfname, "lanplus") == 0 && strlen(password) > 20) {
+			lprintf(LOG_ERR, "%s: password is longer than 20 bytes.", intfname);
+			rc = -1;
+			goto out_free;
+		}
+	} /* if (password != NULL && intfname != NULL) */
+
 	/* load interface */
 	ipmi_main_intf = ipmi_intf_load(intfname);
 	if (ipmi_main_intf == NULL) {
-- 
1.7.5.1