[systemd-devel] [PATCH 3/3] Fix askpass buffer overflow
David Härdeman
david at hardeman.nu
Wed Feb 12 14:55:21 PST 2014
Fix askpass overflow in reading a passphrase from a tty.
Doesn't seem security sensitive, but add a check for correctness.
---
src/shared/ask-password-api.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
index 1c18274..045cff2 100644
--- a/src/shared/ask-password-api.c
+++ b/src/shared/ask-password-api.c
@@ -213,6 +213,11 @@ int ask_password_tty(
loop_write(ttyfd, "*", 1, false);
dirty = true;
+
+ if (p >= (sizeof(passphrase) - 1)) {
+ loop_write(ttyfd, "\n", 1, false);
+ break;
+ }
}
}
More information about the systemd-devel
mailing list