From: Greg Hudson <ghudson@mit.edu>
Date: Thu, 14 Jan 2016 23:03:40 +0000 (-0500)
Subject: Fix ksetpwd password reading loop
X-Git-Tag: krb5-1.15-beta1~286
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F397%2Fhead;p=thirdparty%2Fkrb5.git

Fix ksetpwd password reading loop

In ksetpwd (which we do not install), fix the loop which reads the new
password twice until they match.  Previously it would stop with a
dangling pointer to freed memory in new_password if they don't match
on the first try.  Reported by Will Fiveash.
---

diff --git a/src/clients/kpasswd/ksetpwd.c b/src/clients/kpasswd/ksetpwd.c
index 5f9c982614..2aafb6cede 100644
--- a/src/clients/kpasswd/ksetpwd.c
+++ b/src/clients/kpasswd/ksetpwd.c
@@ -227,7 +227,7 @@ static int init_creds()
 
 int main( int argc, char ** argv )
 {
-    char * new_password = NULL;
+    char * new_password;
     char * new_password2;
     krb5_context    kcontext;
     krb5_error_code kerr;
@@ -266,17 +266,15 @@ int main( int argc, char ** argv )
 /*
 ** get the new password -
 */
-    while( !new_password )
+    for (;;)
     {
         new_password = getpass("Enter new password: ");
         new_password2 = getpass("Verify new password: ");
-        if( strcmp( new_password, new_password2 ) )
-        {
-            printf("Passwords do not match\n");
-            free( new_password );
-            free( new_password2 );
-            continue;
-        }
+        if( strcmp( new_password, new_password2 ) == 0)
+            break;
+        printf("Passwords do not match\n");
+        free( new_password );
+        free( new_password2 );
     }
 /*
 ** change the password -