Fix off-by-one in username length check

2 years ago · 73c3bda8cd
parent 6cd50869c2
commit 73c3bda8cd
1 changed files with 1 additions and 1 deletions
--- a/common/network/websocket.c
+++ b/common/network/websocket.c
@ -1794,7 +1794,7 @@ ws_ctx_t *do_handshake(int sock, char * const ip) {
        if (resppw && *resppw)
            resppw++;
        if (settings.passwdfile) {
-            if (resppw && *resppw && resppw - response < 32) {
+            if (resppw && *resppw && resppw - response < USERNAME_LEN + 1) {
                char pwbuf[4096];
                struct kasmpasswd_t *set = readkasmpasswd(settings.passwdfile);
                if (!set->num) {