From 9d5591fba90f69bcbd273fb76cccb722953334fb Mon Sep 17 00:00:00 2001
From: Tomas Halman <tomas@halman.net>
Date: Fri, 16 Feb 2024 09:52:39 +0100
Subject: [PATCH] src/passwd.c: check password length upper limit

The passwd silently truncated the password length to PASS_MAX.
This patch introduces check that prints an error message
and exits the call.

Signed-off-by: Tomas Halman <tomas@halman.net>
Reviewed-by: Alejandro Colomar <alx@kernel.org>
Cherry-picked-from: f024002b3d66 ("src/passwd.c: inconsistent password length limit")
Cc: Serge Hallyn <serge@hallyn.com>
Link: <https://github.com/shadow-maint/shadow/pull/953>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
---
 src/passwd.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/passwd.c b/src/passwd.c
index 4549d95d7..ee25373b9 100644
--- a/src/passwd.c
+++ b/src/passwd.c
@@ -195,6 +195,7 @@ static int new_password (const struct passwd *pw)
 	char orig[PASS_MAX + 1];	/* Original password */
 	char pass[PASS_MAX + 1];	/* New password */
 	int i;			/* Counter for retries */
+	int ret;
 	bool warned;
 	int pass_max_len = -1;
 	const char *method;
@@ -300,8 +301,14 @@ static int new_password (const struct passwd *pw)
 		if (warned && (strcmp (pass, cp) != 0)) {
 			warned = false;
 		}
-		STRFCPY (pass, cp);
+		ret = STRTCPY (pass, cp);
 		erase_pass (cp);
+		if (ret == -1) {
+			(void) fputs (_("Password is too long.\n"), stderr);
+			memzero (orig, sizeof orig);
+			memzero (pass, sizeof pass);
+			return -1;
+		}
 
 		if (!amroot && (!obscure (orig, pass, pw) || reuse (pass, pw))) {
 			(void) puts (_("Try again."));
-- 
2.47.3