--- embedaddon/mpd/src/auth.c	2016/11/01 09:56:12	1.1.1.3
+++ embedaddon/mpd/src/auth.c	2021/03/17 00:39:23	1.1.1.4
@@ -43,7 +43,7 @@
 
 static void AuthTimeout(void *arg);
 static int 
-AuthGetExternalPassword(char *extcmd, char *authname,
+AuthGetExternalPassword(const char *extcmd, char *authname,
     char *password, size_t passlen);
 static void AuthAsync(void *arg);
 static void AuthAsyncFinish(void *arg, int was_canceled);
@@ -72,7 +72,7 @@ static void AuthOpie(AuthData auth);
 
 #endif
 static const char *AuthCode(int proto, u_char code, char *buf, size_t len);
-static int AuthSetCommand(Context ctx, int ac, char *av[], void *arg);
+static int AuthSetCommand(Context ctx, int ac, const char *const av[], const void *arg);
 
  /* Set menu options */
 enum {
@@ -128,19 +128,19 @@ const struct cmdtab AuthSetCmds[] = {
 	AuthSetCommand, NULL, 2, (void *)SET_YES},
 	{"no [opt ...]", "Disable and deny option",
 	AuthSetCommand, NULL, 2, (void *)SET_NO},
-	{NULL},
+	{NULL, NULL, NULL, NULL, 0, NULL},
 };
 
 const u_char gMsoftZeros[32];
-int	gMaxLogins = 0;			/* max number of concurrent logins per
+static unsigned	gMaxLogins = 0;			/* max number of concurrent logins per
 					 * user */
-int	gMaxLoginsCI = 0;
+static unsigned	gMaxLoginsCI = 0;
 
 /*
  * INTERNAL VARIABLES
  */
 
-static struct confinfo gConfList[] = {
+static const struct confinfo gConfList[] = {
 	{0, AUTH_CONF_RADIUS_AUTH, "radius-auth"},
 	{0, AUTH_CONF_RADIUS_ACCT, "radius-acct"},
 	{0, AUTH_CONF_INTERNAL, "internal"},
@@ -455,10 +455,11 @@ void
 AuthInput(Link l, int proto, Mbuf bp)
 {
 	AuthData auth;
-	int len;
 	struct fsmheader fsmh;
 	u_char *pkt;
 	char buf[16];
+	u_short len;
+	uint16_t fsmh_len;
 
 	/* Sanity check */
 	if (l->lcp.phase != PHASE_AUTHENTICATE && l->lcp.phase != PHASE_NETWORK) {
@@ -470,31 +471,41 @@ AuthInput(Link l, int proto, Mbuf bp)
 
 	/* Sanity check length */
 	if (len < sizeof(fsmh)) {
-		Log(LG_ERR | LG_AUTH, ("[%s] AUTH: rec'd runt packet: %d bytes",
+		Log(LG_ERR | LG_AUTH, ("[%s] AUTH: rec'd runt packet: %hu bytes",
 		    l->name, len));
 		mbfree(bp);
 		return;
 	}
-	auth = AuthDataNew(l);
-	auth->proto = proto;
 
 	bp = mbread(bp, &fsmh, sizeof(fsmh));
-	if (len > ntohs(fsmh.length))
-		len = ntohs(fsmh.length);
-	len -= sizeof(fsmh);
 
+	fsmh_len = ntohs(fsmh.length);
+	if (len > fsmh_len) {
+		/* Sanity check length */
+		if (fsmh_len < sizeof(fsmh)) {
+		    Log(LG_ERR | LG_AUTH, ("[%s] AUTH: bad length: says %hu, rec'd %hu",
+			l->name, fsmh_len, len));
+		    mbfree(bp);
+		    return;
+		}
+		len = fsmh_len;
+	}
+
+	len -= sizeof(fsmh);
 	pkt = MBDATA(bp);
 
 	if (proto == PROTO_EAP && bp) {
-		Log(LG_AUTH, ("[%s] %s: rec'd %s #%d len: %d, type: %s", l->name,
+		Log(LG_AUTH, ("[%s] %s: rec'd %s #%d len: %hu, type: %s", l->name,
 		    ProtoName(proto), AuthCode(proto, fsmh.code, buf, sizeof(buf)), fsmh.id,
-		    ntohs(fsmh.length), EapType(pkt[0])));
+		    fsmh_len, EapType(pkt[0])));
 	} else {
-		Log(LG_AUTH, ("[%s] %s: rec'd %s #%d len: %d", l->name,
+		Log(LG_AUTH, ("[%s] %s: rec'd %s #%d len: %hu", l->name,
 		    ProtoName(proto), AuthCode(proto, fsmh.code, buf, sizeof(buf)), fsmh.id,
-		    ntohs(fsmh.length)));
+		    fsmh_len));
 	}
 
+	auth = AuthDataNew(l);
+	auth->proto = proto;
 	auth->id = fsmh.id;
 	auth->code = fsmh.code;
 	/* Status defaults to undefined */
@@ -718,7 +729,7 @@ AuthStop(Link l)
  */
 
 int
-AuthStat(Context ctx, int ac, char *av[], void *arg)
+AuthStat(Context ctx, int ac, const char *const av[], const void *arg)
 {
 	Auth const au = &ctx->lnk->lcp.auth;
 	AuthConf const conf = &au->conf;
@@ -735,9 +746,13 @@ AuthStat(Context ctx, int ac, char *av[], void *arg)
 
 #endif
 
+	(void)ac;
+	(void)av;
+	(void)arg;
+
 	Printf("Configuration:\r\n");
 	Printf("\tMy authname     : %s\r\n", conf->authname);
-	Printf("\tMax-Logins      : %d%s\r\n", gMaxLogins, (gMaxLoginsCI ? " CI" : ""));
+	Printf("\tMax-Logins      : %u%s\r\n", gMaxLogins, (gMaxLoginsCI ? " CI" : ""));
 	Printf("\tAcct Update     : %d\r\n", conf->acct_update);
 	Printf("\t   Limit In     : %d\r\n", conf->acct_update_lim_recv);
 	Printf("\t   Limit Out    : %d\r\n", conf->acct_update_lim_xmit);
@@ -1868,21 +1883,21 @@ const char *
 AuthMPPETypesname(int types, char *buf, size_t len)
 {
 	if (types == 0) {
-		sprintf(buf, "no encryption required");
+		strlcpy(buf, "no encryption required", len);
 		return (buf);
 	}
 	buf[0] = 0;
 	if (types & MPPE_TYPE_40BIT)
-		sprintf(buf, "40 ");
+		strlcpy(buf, "40 ", len);
 	if (types & MPPE_TYPE_56BIT)
-		sprintf(&buf[strlen(buf)], "56 ");
+		strlcat(buf, "56 ", len);
 	if (types & MPPE_TYPE_128BIT)
-		sprintf(&buf[strlen(buf)], "128 ");
+		strlcat(buf, "128 ", len);
 
 	if (strlen(buf) == 0) {
-		sprintf(buf, "unknown types");
+		strlcpy(buf, "unknown types", len);
 	} else {
-		sprintf(&buf[strlen(buf)], "bit");
+		strlcat(buf, "bit", len);
 	}
 
 	return (buf);
@@ -1896,7 +1911,7 @@ AuthMPPETypesname(int types, char *buf, size_t len)
  * -1 on error (can't fork, no data read, whatever)
  */
 static int
-AuthGetExternalPassword(char *extcmd, char *authname, char *password, size_t passlen)
+AuthGetExternalPassword(const char *extcmd, char *authname, char *password, size_t passlen)
 {
 	char cmd[AUTH_MAX_PASSWORD + 5 + AUTH_MAX_AUTHNAME];
 	int ok = 0;
@@ -1954,7 +1969,7 @@ AuthCode(int proto, u_char code, char *buf, size_t len
  */
 
 static int
-AuthSetCommand(Context ctx, int ac, char *av[], void *arg)
+AuthSetCommand(Context ctx, int ac, const char *const av[], const void *arg)
 {
 	AuthConf const autc = &ctx->lnk->lcp.auth.conf;
 	int val;
@@ -1983,7 +1998,7 @@ AuthSetCommand(Context ctx, int ac, char *av[], void *
 		break;
 
 	case SET_MAX_LOGINS:
-		gMaxLogins = atoi(av[0]);
+		gMaxLogins = (unsigned)atoi(av[0]);
 		if (ac >= 2 && strcasecmp(av[1], "ci") == 0) {
 			gMaxLoginsCI = 1;
 		} else {