]> git.ipfire.org Git - thirdparty/systemd.git/commitdiff
projects / thirdparty / systemd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 104a6b8)
ask-password-api: refuse control characters in passwords
authorLennart Poettering <lennart@poettering.net>
Wed, 5 Feb 2025 08:39:09 +0000 (09:39 +0100)
committerLennart Poettering <lennart@poettering.net>
Mon, 17 Feb 2025 14:05:18 +0000 (15:05 +0100)
Just some extra safety

src/shared/ask-password-api.c patch | blob | blame | history

diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
index 91d8945fd13fe22d135095424ea3633e87d0f952..d1a4f24661eb96401eccee6722a37d0ea388a086 100644 (file)
--- a/src/shared/ask-password-api.c
+++ b/src/shared/ask-password-api.c
@@ -745,9 +745,8 @@ int ask_password_tty(
                         if (ttyfd >= 0)
                                 (void) loop_write(ttyfd, NO_ECHO, SIZE_MAX);
 
-                } else if (p >= sizeof(passphrase)-1) {
-
-                        /* Reached the size limit */
+                } else if (char_is_cc(c) || p >= sizeof(passphrase)-1) {
+                        /* Don't accept control chars or overly long passphrases */
                         if (ttyfd >= 0)
                                 (void) loop_write(ttyfd, "\a", 1);
 
Unnamed repository; edit this file 'description' to name the repository.