heimdal auth: fix the increase of big_buffer size. Bug 2501

author: Jeremy Harris <jgh146exb@wizmail.org> 2020-01-14 17:48:57 +0000
committer: Jeremy Harris <jgh146exb@wizmail.org> 2020-01-14 17:48:57 +0000
commit: 7a66b3afa11a70021297c176acf56831692be89a (patch)
tree: f4031c607c8291427bfe75e73429c95e023130c2 /src
parent: ba5120a469a78ca316916e7be98c5fcb0ddd0d33 (diff)
4 files changed, 13 insertions, 15 deletions
diff --git a/src/src/auths/README b/src/src/auths/README
index d4f125c30..66bdcdcf8 100644
--- a/src/src/auths/README
+++ b/src/src/auths/README
@@ -34,7 +34,7 @@ instance block for this configured mechanism. It must set the flags called
 the server and/or client functions are available for this authenticator.
 Typically this depends on whether server or client configuration options have
 been set, but it is also possible to have an authenticator that has only one of
-the server or client functions.
+the server or client functions.  The function may not touch big_buffer.
 
 SERVER AUTHENTICATION
 
diff --git a/src/src/auths/heimdal_gssapi.c b/src/src/auths/heimdal_gssapi.c
index 3dfcb8c6a..523f7c69a 100644
--- a/src/src/auths/heimdal_gssapi.c
+++ b/src/src/auths/heimdal_gssapi.c
@@ -200,16 +200,6 @@ if (krc)
 
 krb5_free_context(context);
 
-/* RFC 4121 section 5.2, SHOULD support 64K input buffers */
-if (big_buffer_size < (64 * 1024))
-  {
-  uschar *newbuf;
-  big_buffer_size = 64 * 1024;
-  newbuf = store_malloc(big_buffer_size);
-  store_free(big_buffer);
-  big_buffer = newbuf;
-  }
-
 ablock->server = TRUE;
 }
 
diff --git a/src/src/macros.h b/src/src/macros.h
index cc96c8516..c99b152d5 100644
--- a/src/src/macros.h
+++ b/src/src/macros.h
@@ -152,12 +152,19 @@ enough to hold all the headers from a normal kind of message. */
 into big_buffer_size and in some circumstances increased. It should be at least
 as long as the maximum path length. */
 
-#if defined PATH_MAX && PATH_MAX > 16384
+#ifdef AUTH_HEIMDAL_GSSAPI
+		/* RFC 4121 section 5.2, SHOULD support 64K input buffers */
+# define __BIG_BUFFER_SIZE 65536
+#else
+# define __BIG_BUFFER_SIZE 16384
+#endif
+
+#if defined PATH_MAX && PATH_MAX > __BIG_BUFFER_SIZE
 # define BIG_BUFFER_SIZE PATH_MAX
-#elif defined MAXPATHLEN && MAXPATHLEN > 16384
+#elif defined MAXPATHLEN && MAXPATHLEN > __BIG_BUFFER_SIZE
 # define BIG_BUFFER_SIZE MAXPATHLEN
 #else
-# define BIG_BUFFER_SIZE 16384
+# define BIG_BUFFER_SIZE __BIG_BUFFER_SIZE
 #endif
 
 /* header size of pipe content
diff --git a/src/src/readconf.c b/src/src/readconf.c
index 65dffe10a..05afb2464 100644
--- a/src/src/readconf.c
+++ b/src/src/readconf.c
@@ -3690,7 +3690,7 @@ driver_instance **p = anchor;
 driver_instance *d = NULL;
 uschar *buffer;
 
-while ((buffer = get_config_line()) != NULL)
+while ((buffer = get_config_line()))
   {
   uschar name[64];
   uschar *s;
@@ -3711,6 +3711,7 @@ while ((buffer = get_config_line()) != NULL)
       if (!d->driver_name)
         log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
           "no driver defined for %s \"%s\"", class, d->name);
+      /* s is using big_buffer, so this call had better not */
       (d->info->init)(d);
       d = NULL;
       }
author	Jeremy Harris <jgh146exb@wizmail.org>	2020-01-14 17:48:57 +0000
committer	Jeremy Harris <jgh146exb@wizmail.org>	2020-01-14 17:48:57 +0000
commit	7a66b3afa11a70021297c176acf56831692be89a (patch)
tree	f4031c607c8291427bfe75e73429c95e023130c2 /src
parent	ba5120a469a78ca316916e7be98c5fcb0ddd0d33 (diff)