Attempt merging from 6.3.24.

[~andy/fetchmail] / ntlmsubr.c

diff --git a/ntlmsubr.c b/ntlmsubr.c
index 63cbed8f34a91fae338e3f1c0f6f6044de554895..941d0a070bba39aa64fbf7a237bffad994ca551e 100644 (file)
--- a/ntlmsubr.c
+++ b/ntlmsubr.c
@@ -2,7 +2,7 @@
 
 #ifdef NTLM_ENABLE
 #include "fetchmail.h"
-#include "i18n.h"
+#include "gettext.h"
 #include "ntlm.h"
 #include "socket.h"
 
@@ -55,8 +55,12 @@ int ntlm_helper(int sock, struct query *ctl, const char *proto)
     if ((result = gen_recv(sock, msgbuf, sizeof msgbuf)))
        goto cancelfail;
 
+    /*
+     * < 0: decoding error
+     * >= 0 < 32: too short to be plausible
+     */
     if ((result = from64tobits (&challenge, msgbuf, sizeof(challenge))) < 0
-           || result < ((void *)&challenge.context - (void *)&challenge))
+           || result < 32)
     {
        report (stderr, GT_("could not decode BASE64 challenge\n"));
        /* We do not goto cancelfail; the server has already sent the
@@ -73,9 +77,9 @@ int ntlm_helper(int sock, struct query *ctl, const char *proto)
      * - that offset + length is not bigger than buffer */
     if (0 != memcmp("NTLMSSP", challenge.ident, 8)
            || challenge.msgType != 2
-           || challenge.uDomain.offset > result
-           || challenge.uDomain.offset + challenge.uDomain.len < challenge.uDomain.offset
-           || challenge.uDomain.offset + challenge.uDomain.len > result)
+           || challenge.uDomain.offset > (unsigned)result
+           || (challenge.uDomain.offset + challenge.uDomain.len) < challenge.uDomain.offset
+           || (challenge.uDomain.offset + challenge.uDomain.len) > (unsigned)result)
     {
        report (stderr, GT_("NTLM challenge contains invalid data.\n"));
        result = PS_AUTHFAIL;