]> git.ipfire.org Git - thirdparty/shadow.git/commitdiff
projects / thirdparty / shadow.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: dfb4d8f)
src/passwd.c: check password length upper limit
authorTomas Halman <tomas@halman.net>
Fri, 16 Feb 2024 08:52:39 +0000 (09:52 +0100)
committerSerge Hallyn <serge@hallyn.com>
Fri, 16 Feb 2024 21:46:08 +0000 (15:46 -0600)
The passwd silently truncated the password length to PASS_MAX.
This patch introduces check that prints an error message
and exits the call.

Signed-off-by: Tomas Halman <tomas@halman.net>
src/passwd.c patch | blob | blame | history

diff --git a/src/passwd.c b/src/passwd.c
index 3e0a6eb81aeb83fcc61b6b8c36742d632699267e..1c1f8bfd191e34932f59b0da40cc94bd3cf65790 100644 (file)
--- a/src/passwd.c
+++ b/src/passwd.c
@@ -178,6 +178,7 @@ static int new_password (const struct passwd *pw)
        char orig[PASS_MAX + 1];        /* Original password */
        char pass[PASS_MAX + 1];        /* New password */
        int i;                  /* Counter for retries */
+       int ret;
        bool warned;
        int pass_max_len = -1;
        const char *method;
@@ -276,8 +277,13 @@ static int new_password (const struct passwd *pw)
                if (NULL == cp) {
                        return -1;
                }
-               STRTCPY (pass, cp);
+               ret = STRTCPY (pass, cp);
                erase_pass (cp);
+               if (ret == -1) {
+                       (void) fputs (_("Password is too long.\n"), stderr);
+                       MEMZERO(pass);
+                       return -1;
+               }
        } else {
                warned = false;
                for (i = getdef_num ("PASS_CHANGE_TRIES", 5); i > 0; i--) {
@@ -290,8 +296,14 @@ static int new_password (const struct passwd *pw)
                        if (warned && (strcmp (pass, cp) != 0)) {
                                warned = false;
                        }
-                       STRTCPY(pass, cp);
+                       ret = STRTCPY (pass, cp);
                        erase_pass (cp);
+                       if (ret == -1) {
+                               (void) fputs (_("Password is too long.\n"), stderr);
+                               MEMZERO(orig);
+                               MEMZERO(pass);
+                               return -1;
+                       }
 
                        if (!amroot && !obscure(orig, pass, pw)) {
                                (void) puts (_("Try again."));
Mirror of https://github.com/shadow-maint/shadow.git