Patch from Mark Eichin for bug 635

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14347 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/appl/gssftp/ftp/ChangeLog b/src/appl/gssftp/ftp/ChangeLog
index 21a1d2832ee75b36b0f409707fb1fb60425e236a..0cf21a989ecede83b785314f698782eb88a1deca 100644 (file)
--- a/src/appl/gssftp/ftp/ChangeLog
+++ b/src/appl/gssftp/ftp/ChangeLog
@@ -1,3 +1,8 @@
+2002-04-04  Sam Hartman  <hartmans@mit.edu>
+
+       * radix.c (decode;):  Patch from Mark Eichin for one char buffer overflow [635]
+       
+
 2002-03-05  Ken Raeburn  <raeburn@mit.edu>
 
        * cmds.c (unix): Define if BSD is defined.

diff --git a/src/appl/gssftp/ftp/radix.c b/src/appl/gssftp/ftp/radix.c
index 2d573b4be070b8fd9ef1f0d7db1f51152b004327..c989962c2834f9d30319bb35aee2b8f414a2cced 100644 (file)
--- a/src/appl/gssftp/ftp/radix.c
+++ b/src/appl/gssftp/ftp/radix.c
@@ -23,18 +23,18 @@ int *len, decode;
                    D = p - radixN;
                    switch (i&3) {
                        case 0:
-                           outbuf[j] = D<<2;
+                           c = D<<2;
                            break;
                        case 1:
-                           outbuf[j++] |= D>>4;
-                           outbuf[j] = (D&15)<<4;
+                           outbuf[j++] = c | D>>4;
+                           c = (D&15)<<4;
                            break;
                        case 2:
-                           outbuf[j++] |= D>>2;
-                           outbuf[j] = (D&3)<<6;
+                           outbuf[j++] = c | D>>2;
+                           c = (D&3)<<6;
                            break;
                        case 3:
-                           outbuf[j++] |= D;
+                           outbuf[j++] = c | D;
                    }
                }
                switch (i&3) {