42 lines
1.2 KiB
Diff
42 lines
1.2 KiB
Diff
Upstream-Status: Inappropriate [legacy version]
|
|
|
|
Fix rotate check logic
|
|
|
|
Rotate passwd checking code has logic error, which writes data into
|
|
un-allocated memory. This patch fixes the issue.
|
|
|
|
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
|
|
|
|
diff --git a/libbb/obscure.c b/libbb/obscure.c
|
|
index 750b611..4a07b5f 100644
|
|
--- a/libbb/obscure.c
|
|
+++ b/libbb/obscure.c
|
|
@@ -135,7 +135,7 @@ password_check(const char *old, const char *newval, const struct passwd *pwdp)
|
|
{
|
|
const char *msg;
|
|
char *newmono, *wrapped;
|
|
- int lenwrap;
|
|
+ int lenold, lenwrap;
|
|
|
|
if (strcmp(newval, old) == 0)
|
|
return "no change";
|
|
@@ -144,7 +144,8 @@ password_check(const char *old, const char *newval, const struct passwd *pwdp)
|
|
|
|
msg = NULL;
|
|
newmono = str_lower(xstrdup(newval));
|
|
- lenwrap = strlen(old) * 2 + 1;
|
|
+ lenold = strlen(old);
|
|
+ lenwrap = lenold * 2 + 1;
|
|
wrapped = (char *) xmalloc(lenwrap);
|
|
str_lower(strcpy(wrapped, old));
|
|
|
|
@@ -158,7 +159,7 @@ password_check(const char *old, const char *newval, const struct passwd *pwdp)
|
|
msg = "too similiar";
|
|
|
|
else {
|
|
- safe_strncpy(wrapped + lenwrap, wrapped, lenwrap + 1);
|
|
+ safe_strncpy(wrapped + lenold, wrapped, lenold + 1);
|
|
if (strstr(wrapped, newmono))
|
|
msg = "rotated";
|
|
}
|