[systemd-devel] [PATCH 3/4] Fix askpass buffer overflow

David Härdeman david at hardeman.nu
Mon Feb 3 15:57:41 PST 2014


Fix askpass overflow in reading a passphrase from a tty.
Doesn't seem security sensitive, but add a check for correctness.
---
 src/shared/ask-password-api.c |    5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
index 553debc..499ec84 100644
--- a/src/shared/ask-password-api.c
+++ b/src/shared/ask-password-api.c
@@ -213,6 +213,11 @@ int ask_password_tty(
                                 loop_write(ttyfd, "*", 1, false);
 
                         dirty = true;
+
+			if (p >= (sizeof(passphrase) - 1)) {
+				loop_write(ttyfd, "\n", 1, false);
+				break;
+			}
                 }
         }
 



More information about the systemd-devel mailing list