pop3: Added 255 octet limit check when sending initial response

Added 255 octet limit check as per Section 4. Paragraph 8 of RFC-5034.
This commit is contained in:
Steve Holme 2013-04-28 12:20:14 +01:00
parent 945246988d
commit 18bfc8f2d7
1 changed files with 2 additions and 1 deletions

View File

@ -629,7 +629,8 @@ static CURLcode pop3_perform_authenticate(struct connectdata *conn)
if(mech && (pop3c->preftype & POP3_TYPE_SASL)) {
/* Perform SASL based authentication */
if(initresp) {
if(initresp &&
8 + strlen(mech) + len <= 255) { /* AUTH <mech> ...<crlf> */
result = Curl_pp_sendf(&pop3c->pp, "AUTH %s %s", mech, initresp);
if(!result)