From 3029883888266d7121bb267c6cf4ad79b6f2c144 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Sat, 29 Jul 2023 18:11:02 +0200 Subject: [PATCH] passwd: Replace STRFCPY() by STRLCPY() MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The variables are only being read as strings (char *), so data after the '\0' can't be leaked. Cc: Christian Göttsche Cc: Serge Hallyn Cc: Iker Pedrosa Signed-off-by: Alejandro Colomar
---
 src/passwd.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/src/passwd.c b/src/passwd.c
index 673282cfb..ab5e5307a 100644
--- a/src/passwd.c
+++ b/src/passwd.c
@@ -31,6 +31,7 @@
 #include "pwio.h"
 #include "shadowio.h"
 #include "shadowlog.h"
+#include "strlcpy.h"
 /*
 * exit status values
@@ -239,7 +240,7 @@ static int new_password (const struct passwd *pw)
 pw->pw_name);
 return -1;
 }
- STRFCPY (orig, clear);
+ STRLCPY(orig, clear);
 erase_pass (clear);
 strzero (cipher);
 } else {
@@ -301,7 +302,7 @@ static int new_password (const struct passwd *pw)
 if (warned && (strcmp (pass, cp) != 0)) {
 warned = false;
 }
- STRFCPY (pass, cp);
+ STRLCPY(pass, cp);
 erase_pass (cp);
 if (!amroot && (!obscure (orig, pass, pw) || reuse (pass, pw))) {
@@ -358,7 +359,7 @@ static int new_password (const struct passwd *pw)
 #ifdef HAVE_LIBCRACK_HIST
 HistUpdate (pw->pw_name, crypt_passwd);
 #endif /* HAVE_LIBCRACK_HIST */
- STRFCPY (crypt_passwd, cp);
+ STRLCPY(crypt_passwd, cp);
 return 0;
 }
@@ -1029,7 +1030,7 @@ int main (int argc, char **argv)
 * If there are no other flags, just change the password.
 */
 if (!anyflag) {
- STRFCPY (crypt_passwd, cp);
+ STRLCPY(crypt_passwd, cp);
 /*
 * See if the user is permitted to change the password.
-- 2.47.2
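Review bot: The result of `STRLCPY(orig, clear);` in the `-239,7 +240,7` hunk is discarded, so a cleartext password longer than `orig` would be shortened silently and every later check would run on the shortened value; the same holds for `STRLCPY(pass, cp);` (`-301,7`) and for both `STRLCPY(crypt_passwd, cp);` sites (`-358,7`, `-1029,7`), where a cut-off hash could be what ends up stored. The wrapper is declared in strlcpy.h, which this patch does not show; if it reports truncation, as strlcpy-style helpers usually do, each call should test that result and fail the password change instead of continuing. A comment such as `/* a truncated password or hash must abort the change */` at the check would record the intent. new_password and main both extend beyond these hunks, so an earlier length check may already exist there.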
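Review bot: `STRLCPY(pass, cp);` in the `-301,7 +302,7` hunk presumably no longer clears the rest of `pass` (assuming the old STRFCPY zero-filled the destination, as the commit message's mention of data after the '\0' implies), and the surrounding `warned` logic suggests the buffer is reused across attempts, so a longer earlier candidate can leave its tail behind a shorter later one. The commit message is right that string reads cannot see those bytes, but they stay in process memory until the buffer is wiped, and a length-based wipe like the `strzero` call visible in the `-239,7` hunk would stop at the terminator. The wipe of `pass` and `orig` lies outside these hunks; it should cover the whole array, for example `memzero (pass, sizeof pass);`, and a comment at the declarations saying so would keep that from regressing.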