On Wed, 12.02.14 23:55, David Härdeman ([email protected]) wrote:
> Fix askpass overflow in reading a passphrase from a tty.
> Doesn't seem security sensitive, but add a check for correctness.
Ouch, embarassing!
> ---
> src/shared/ask-password-api.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
> index 1c18274..045cff2 100644
> --- a/src/shared/ask-password-api.c
> +++ b/src/shared/ask-password-api.c
> @@ -213,6 +213,11 @@ int ask_password_tty(
> loop_write(ttyfd, "*", 1, false);
>
> dirty = true;
> +
> + if (p >= (sizeof(passphrase) - 1)) {
> + loop_write(ttyfd, "\n", 1, false);
> + break;
> + }
Hmm, we should probably write an \a out and then ignore the char, i
figure... I added such a change now.
Thanks!
Lennart
--
Lennart Poettering, Red Hat
_______________________________________________
systemd-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
