Prevent possible buffer overflows when using very large (>= 8192 bit) RSA keys.

[oweals/tinc.git] / src / protocol.h

diff --git a/src/protocol.h b/src/protocol.h
index 8951cbcd2d3ae35ad528edba5f667e7cd80ec466..d6a35be77230215b239b9bd6da8b478258cddea0 100644 (file)
--- a/src/protocol.h
+++ b/src/protocol.h
@@ -1,7 +1,7 @@
 /*
     protocol.h -- header for protocol.c
-    Copyright (C) 1999-2001 Ivo Timmermans <ivo@o2w.nl>,
-                  2000,2001 Guus Sliepen <guus@sliepen.eu.org>
+    Copyright (C) 1999-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
+                  2000-2005 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: protocol.h,v 1.5.4.45 2003/11/17 15:30:18 guus Exp $
+    $Id$
 */
 
 #ifndef __TINC_PROTOCOL_H__
@@ -56,9 +56,12 @@ typedef struct past_request_t {
 
 extern bool tunnelserver;
 
-/* Maximum size of strings in a request */
+/* Maximum size of strings in a request.
+ * scanf terminates %2048s with a NUL character,
+ * but the NUL character can be written after the 2048th non-NUL character.
+ */
 
-#define MAX_STRING_SIZE 2048
+#define MAX_STRING_SIZE 2049
 #define MAX_STRING "%2048s"
 
 #include "edge.h"