Hi Alex, On Mon, Apr 20, 2026 at 12:02:11PM +0200, Alejandro Colomar via Mutt-dev wrote:
I think this is correct:
I think it is too. I'm short on time tonight, but tomorrow I will commit my patch to stable and merge it to master. Then we can take a look at your patch to master when it's ready.
I think with your patch the only change I would make is below.
diff --git i/imap/auth_cram.c w/imap/auth_cram.c
index 9844f444..b42eacb1 100644
--- i/imap/auth_cram.c
+++ w/imap/auth_cram.c
@@ -135,8 +135,8 @@ static void hmac_md5(const char *password, char
*challenge,
unsigned char *response)
{
struct md5_ctx ctx;
+ char secret[MD5_BLOCK_LEN];
unsigned char ipad[MD5_BLOCK_LEN], opad[MD5_BLOCK_LEN];
- unsigned char secret[MD5_BLOCK_LEN+1];
unsigned char hash_passwd[MD5_DIGEST_LEN];
size_t secret_len, chal_len;
int i;
@@ -149,16 +149,15 @@ static void hmac_md5(const char *password, char
*challenge,
if (secret_len > MD5_BLOCK_LEN)
{
md5_buffer(password, secret_len, hash_passwd);
+ memset(secret, 0, sizeof(secret));
memcpy(secret, hash_passwd, MD5_DIGEST_LEN);
secret_len = MD5_DIGEST_LEN;
We also don't need to set secret_len for the digest anymore, since you've removed its usage below:
}
else
- strfcpy((char *) secret, password, sizeof(secret));
+ strncpy(secret, password, sizeof(secret));
- memset(ipad, 0, sizeof(ipad));
- memset(opad, 0, sizeof(opad));
- memcpy(ipad, secret, secret_len);
- memcpy(opad, secret, secret_len);
+ memcpy(ipad, secret, sizeof(ipad));
+ memcpy(opad, secret, sizeof(opad));
for (i = 0; i < MD5_BLOCK_LEN; i++)
{
I'll think a bit more about it later, and will send it as a patch.
Thanks Alex! -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA
signature.asc
Description: PGP signature
