--- mqtt/src/Attic/conn.c	2011/12/13 15:23:43	1.1.2.14
+++ mqtt/src/Attic/conn.c	2011/12/16 02:09:20	1.1.2.15
@@ -33,15 +33,15 @@ mqtt_msgCONNECT(mqtt_msg_t * __restrict buf, const cha
 
 	if (!buf || !csConnID)
 		return -1;
-	if (strlen(csConnID) > 24) {
+	if (strlen(csConnID) > 23) {
 		mqtt_SetErr(EINVAL, "Error:: invalid argument ConnID is too long (max 23 bytes)");
 		return -1;
 	}
-	if (csUser && strlen(csUser) > 13) {
+	if (csUser && strlen(csUser) > 12) {
 		mqtt_SetErr(EINVAL, "Error:: invalid argument Username is too long (max 12 bytes)");
 		return -1;
 	}
-	if (csPass && strlen(csPass) > 13) {
+	if (csPass && strlen(csPass) > 12) {
 		mqtt_SetErr(EINVAL, "Error:: invalid argument Password is too long (max 12 bytes)");
 		return -1;
 	}
@@ -312,7 +312,7 @@ mqtt_readCONNECT(mqtt_msg_t * __restrict buf, u_short 
 	/* get ConnID */
 	var = (mqtthdr_var_t*) pos;
 	len -= MQTTHDR_VAR_SIZEOF(var);
-	if (len < 0) {
+	if (len < 0 || var->var_sb.sb.l > 23) {
 		mqtt_SetErr(EINVAL, "Error:: unexpected EOM at Connection ID %d", len);
 		cack.retcode = MQTT_RETCODE_REFUSE_ID;
 		return cack;
@@ -369,7 +369,7 @@ mqtt_readCONNECT(mqtt_msg_t * __restrict buf, u_short 
 	if (flg.username) {
 		var = (mqtthdr_var_t*) pos;
 		len -= MQTTHDR_VAR_SIZEOF(var);
-		if (len < 0) {
+		if (len < 0 || var->var_sb.sb.l > 12) {
 			mqtt_SetErr(EINVAL, "Error:: unexpected EOM at Username %d", len);
 			cack.retcode = MQTT_RETCODE_REFUSE_USERPASS;
 			return cack;
@@ -385,7 +385,7 @@ mqtt_readCONNECT(mqtt_msg_t * __restrict buf, u_short 
 	if (flg.password) {
 		var = (mqtthdr_var_t*) pos;
 		len -= MQTTHDR_VAR_SIZEOF(var);
-		if (len < 0) {
+		if (len < 0 || var->var_sb.sb.l > 12) {
 			mqtt_SetErr(EINVAL, "Error:: unexpected EOM at Password %d", len);
 			cack.retcode = MQTT_RETCODE_REFUSE_USERPASS;
 			return cack;