From: Kurt Zeilenga <kurt@openldap.org>
Date: Fri, 19 Jan 2001 04:53:21 +0000 (+0000)
Subject: Don't use ntohl().
X-Git-Tag: LDBM_PRE_GIANT_RWLOCK~1555
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=a4f4d8be591e087d4d7358b09fb2602cd4ae08b7;p=openldap

Don't use ntohl().
Add min/max bufsize check
---

diff --git a/libraries/libldap/cyrus.c b/libraries/libldap/cyrus.c
index c72198b407..ff6a761f47 100644
--- a/libraries/libldap/cyrus.c
+++ b/libraries/libldap/cyrus.c
@@ -124,15 +124,16 @@ sb_sasl_remove( Sockbuf_IO_Desc *sbiod )
 }
 
 static ber_len_t
-sb_sasl_pkt_length( const char *buf, int debuglevel )
+sb_sasl_pkt_length( const unsigned char *buf, int debuglevel )
 {
 	ber_len_t		size;
-	long			tmp;
 
 	assert( buf != NULL );
 
-	tmp = *((long *)buf);
-	size = ntohl( tmp );
+	size = buf[0] << 24
+		| buf[1] << 16
+		| buf[2] << 8
+		| buf[3];
    
 	/* we really should check against actual buffer size set
 	 * in the secopts.
@@ -767,7 +768,10 @@ int ldap_pvt_sasl_secprops(
 				return LDAP_NOT_SUPPORTED;
 			}
 
-			if( maxbufsize > SASL_MAX_BUFF_SIZE ) {
+			if( maxbufsize && (( maxbufsize < SASL_MIN_BUFF_SIZE ) {
+				|| (maxbufsize > SASL_MAX_BUFF_SIZE ))
+			{
+				/* bad maxbufsize */
 				return LDAP_PARAM_ERROR;
 			}