Fix SASL issue properly, by making sm_rrecord() and thus sm_hear() set

the length of the reply string correctly (the SASL libraries now care
if you pass in the wrong length).

diff --git a/ChangeLog b/ChangeLog
index 9a7b310..da5ac1d 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,11 @@
        * Revert previous attempt at fix for SASL issue as it
        is the wrong approach.
 
+       * Fix in correct manner, by making sm_rrecord() and thus
+       sm_hear() set the length of the reply string correctly
+       (the SASL libraries now care if you pass in the wrong
+       length).
+
 2008-04-29  Peter Maydell  <pmaydell@chiark.greenend.org.uk>
 
        * Cope with sasl_decode64() returning SASL_CONTINUE, as

diff --git a/mts/smtp/smtp.c b/mts/smtp/smtp.c
index 1ab027f..13e8eff 100644 (file)
--- a/mts/smtp/smtp.c
+++ b/mts/smtp/smtp.c
@@ -1688,15 +1688,17 @@ sm_rrecord (char *buffer, int *len)
 
     fgets (buffer, BUFSIZ, sm_rfp);
     *len = strlen (buffer);
-    if (ferror (sm_rfp) || feof (sm_rfp))
+    /* *len should be >0 except on EOF, but check for safety's sake */
+    if (ferror (sm_rfp) || feof (sm_rfp) || (*len == 0))
        return sm_rerror ();
     if (buffer[*len - 1] != '\n')
        while (getc (sm_rfp) != '\n' && !ferror (sm_rfp) && !feof (sm_rfp))
            continue;
     else
-       if (buffer[*len - 2] == '\r')
+       if ((*len > 1) && (buffer[*len - 2] == '\r'))
            *len -= 1;
-    buffer[*len - 1] = 0;
+    *len -= 1;
+    buffer[*len] = 0;
 
     return OK;
 }