From e51175f6d8bd9cf845e82ddca41687cc7d54d425 Mon Sep 17 00:00:00 2001 From: Jay Sorg Date: Thu, 20 Aug 2015 12:47:10 -0700 Subject: [PATCH] vnc: fix a issue with passwords longer that 8 --- vnc/vnc.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/vnc/vnc.c b/vnc/vnc.c index 66e70225..7423dfde 100644 --- a/vnc/vnc.c +++ b/vnc/vnc.c @@ -54,10 +54,12 @@ rfbEncryptBytes(char *bytes, char *passwd) { char key[24]; void *des; + int len; /* key is simply password padded with nulls */ g_memset(key, 0, sizeof(key)); - g_mirror_memcpy(key, passwd, g_strlen(passwd)); + len = MIN(g_strlen(passwd), 8); + g_mirror_memcpy(key, passwd, len); des = ssl_des3_encrypt_info_create(key, 0); ssl_des3_encrypt(des, 8, bytes, bytes); ssl_des3_info_delete(des);