sendmail: use on-stack buffer for AUTH PLAIN

function                                             old     new   delta
sendmail_main                                       1335    1307     -28

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

mailutils/sendmail.c

@@ -361,19 +361,35 @@ int sendmail_main(int argc UNUSED_PARAM, char **argv)
 		if (!G.user || !G.pass)
 			get_cred_or_die(4);
 		if (opts & OPT_am_plain) {
-			char *plain_auth;
+			// C: AUTH PLAIN
-			size_t user_len, pass_len;
+			// S: 334
-			user_len = strlen(G.user);
+			// C: base64encoded(auth<NUL>user<NUL>pass)
-			pass_len = strlen(G.pass);
+			// S: 235 2.7.0 Authentication successful
+//Note: a shorter format is allowed:
+// C: AUTH PLAIN base64encoded(auth<NUL>user<NUL>pass)
+// S: 235 2.7.0 Authentication successful
 			smtp_check("AUTH PLAIN", 334);
-			// use \1 as placeholders for \0 (format string is NUL-terminated)
+			{
-			plain_auth = xasprintf("\1%s\1%s", G.user, G.pass);
+				unsigned user_len = strlen(G.user);
-			// substitute placeholders
+				unsigned pass_len = strlen(G.pass);
+				unsigned sz = 1 + user_len + 1 + pass_len;
+				char plain_auth[sz + 1];
+				// the format is:
+				// "authorization identity<NUL>username<NUL>password"
+				// authorization identity is empty.
 				plain_auth[0] = '\0';
-			plain_auth[1 + user_len] = '\0';
+				strcpy(stpcpy(plain_auth + 1, G.user) + 1, G.pass);
-			printbuf_base64(plain_auth, 1 + user_len + 1 + pass_len);
+				printbuf_base64(plain_auth, sz);
-			free(plain_auth);
+			}
 		} else {
+			// C: AUTH LOGIN
+			// S: 334 VXNlcm5hbWU6
+			//        ^^^^^^^^^^^^ server says "Username:"
+			// C: base64encoded(user)
+			// S: 334 UGFzc3dvcmQ6
+			//        ^^^^^^^^^^^^ server says "Password:"
+			// C: base64encoded(pass)
+			// S: 235 2.7.0 Authentication successful
 			smtp_check("AUTH LOGIN", 334);
 			printstr_base64(G.user);
 			smtp_check("", 334);