mirrors/ipmitool
1
0
Fork 0
mirror of https://github.com/ipmitool/ipmitool.git synced 2026-01-21 16:42:19 +08:00
Code Issues Packages Projects Releases 2 Wiki Activity

Commit limits length of user name and password that can be supplied by user.

Browse Source 
Password is limited to 16 bytes, resp. 20 bytes, for LAN, resp. LAN+,
interface. User name is limited to 16 bytes, no interface limitations.

Reference: SF.net ID#3184687, ID#3001519

Changes done by Duncan Idaho
This commit is contained in:
Jim Mankovich 2012-05-01 19:09:19 +00:00
parent 5f11bb25b0
commit 7733416d2b
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
ipmitool/lib/ipmi_main.c
View File

@ -546,6 +546,10 @@ ipmi_main(int argc, char ** argv,
}
break;
case 'U':
if (strlen(optarg) > 16) {
lprintf(LOG_ERR, "Username is too long (> 16 bytes)");
goto out_free;
}
username = strdup(optarg);
if (username == NULL) {
lprintf(LOG_ERR, "%s: malloc failure", progname);
@ -756,6 +760,18 @@ ipmi_main(int argc, char ** argv,
}
}
if (password != NULL && intfname != NULL) {
if (strcmp(intfname, "lan") == 0 && strlen(password) > 16) {
lprintf(LOG_ERR, "%s: password is longer than 16 bytes.", intfname);
rc = -1;
goto out_free;
} else if (strcmp(intfname, "lanplus") == 0 && strlen(password) > 20) {
lprintf(LOG_ERR, "%s: password is longer than 20 bytes.", intfname);
rc = -1;
goto out_free;
}
} /* if (password != NULL && intfname != NULL) */
/* load interface */
ipmi_main_intf = ipmi_intf_load(intfname);
if (ipmi_main_intf == NULL) {