result = sasl_decode64(sm_reply.text, sm_reply.length,
outbuf, sizeof(outbuf), &outlen);
- if (result != SASL_OK && result != SASL_CONTINUE) {
+ if (result != SASL_OK) {
smtalk(SM_AUTH, "*");
sm_ierror("SASL base64 decode failed: %s",
sasl_errstring(result, NULL, NULL));
fgets (buffer, BUFSIZ, sm_rfp);
*len = strlen (buffer);
- if (ferror (sm_rfp) || feof (sm_rfp))
+ /* *len should be >0 except on EOF, but check for safety's sake */
+ if (ferror (sm_rfp) || feof (sm_rfp) || (*len == 0))
return sm_rerror ();
if (buffer[*len - 1] != '\n')
while (getc (sm_rfp) != '\n' && !ferror (sm_rfp) && !feof (sm_rfp))
continue;
else
- if (buffer[*len - 2] == '\r')
+ if ((*len > 1) && (buffer[*len - 2] == '\r'))
*len -= 1;
- buffer[*len - 1] = 0;
+ *len -= 1;
+ buffer[*len] = 0;
return OK;
}