From 7733416d2b1cd385f2c86e83d460f7032cbadbec Mon Sep 17 00:00:00 2001
From: Jim Mankovich <jmank@hp.com>
Date: Tue, 1 May 2012 19:09:19 +0000
Subject: [PATCH] Commit limits length of user name and password that can be
 supplied by user. Password is limited to 16 bytes, resp. 20 bytes, for LAN,
 resp. LAN+, interface. User name is limited to 16 bytes, no interface
 limitations.

Reference: SF.net ID#3184687, ID#3001519

Changes done by Duncan Idaho
---
 ipmitool/lib/ipmi_main.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/ipmitool/lib/ipmi_main.c b/ipmitool/lib/ipmi_main.c
index 3596206..22e3179 100644
--- a/ipmitool/lib/ipmi_main.c
+++ b/ipmitool/lib/ipmi_main.c
@@ -546,6 +546,10 @@ ipmi_main(int argc, char ** argv,
 			}
 			break;
 		case 'U':
+			if (strlen(optarg) > 16) {
+				lprintf(LOG_ERR, "Username is too long (> 16 bytes)");
+				goto out_free;
+			}
 			username = strdup(optarg);
 			if (username == NULL) {
 				lprintf(LOG_ERR, "%s: malloc failure", progname);
@@ -756,6 +760,18 @@ ipmi_main(int argc, char ** argv,
 		}
 	}
 
+	if (password != NULL && intfname != NULL) {
+		if (strcmp(intfname, "lan") == 0 && strlen(password) > 16) {
+			lprintf(LOG_ERR, "%s: password is longer than 16 bytes.", intfname);
+			rc = -1;
+			goto out_free;
+		} else if (strcmp(intfname, "lanplus") == 0 && strlen(password) > 20) {
+			lprintf(LOG_ERR, "%s: password is longer than 20 bytes.", intfname);
+			rc = -1;
+			goto out_free;
+		}
+	} /* if (password != NULL && intfname != NULL) */
+
 	/* load interface */
 	ipmi_main_intf = ipmi_intf_load(intfname);
 	if (ipmi_main_intf == NULL) {