[systemd-devel] [PATCH 3/3] Fix askpass buffer overflow
Lennart Poettering
lennart at poettering.net
Mon Mar 24 17:29:10 PDT 2014
On Wed, 12.02.14 23:55, David Härdeman (david at hardeman.nu) wrote:
> Fix askpass overflow in reading a passphrase from a tty.
> Doesn't seem security sensitive, but add a check for correctness.
Ouch, embarrassing!
> ---
> src/shared/ask-password-api.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
> index 1c18274..045cff2 100644
> --- a/src/shared/ask-password-api.c
> +++ b/src/shared/ask-password-api.c
> @@ -213,6 +213,11 @@ int ask_password_tty(
> loop_write(ttyfd, "*", 1, false);
>
> dirty = true;
> +
> + if (p >= (sizeof(passphrase) - 1)) {
> + loop_write(ttyfd, "\n", 1, false);
> + break;
> + }
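Review bot: in the block added after `dirty = true;`, the `break` on `p >= (sizeof(passphrase) - 1)` stops reading as soon as the limit is hit, so the prompt ends on a truncated passphrase with only a newline as feedback. Consider rejecting the extra character and staying in the loop, so the user can still backspace or press Enter. The check also sits after the `loop_write(ttyfd, "*", 1, false)` echo in the context lines, which means it runs once the current character has already been handled; moving it ahead of that handling would reject the character before anything is echoed. `sizeof(passphrase)` only yields the buffer size if `passphrase` is an array in this scope, which the hunk does not show, so that is worth confirming or noting in a comment.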
Hmm, we should probably write an \a out and then ignore the char, I
figure... I added such a change now.
Thanks!
Lennart
--
Lennart Poettering, Red Hat
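
The alternative raised in the reply (emit `\a` and ignore the character rather than break out of the loop) can be sketched as follows. This is an added example, not systemd's code and not the change that was committed; `pw_input`, `pw_feed`, `pw_feed_all`, `tty_put` and the tiny `PW_MAX` are hypothetical names and values, and the keystrokes are constructed.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#define PW_MAX 8   /* hypothetical, tiny on purpose so the limit is easy to hit */

struct pw_input {
    char buf[PW_MAX];   /* kept NUL-terminated after every step */
    size_t len;         /* characters currently stored */
    unsigned bells;     /* characters rejected at the limit */
};
static void tty_put(int fd, const char *s) {
    if (write(fd, s, strlen(s)) < 0) { /* echo is best effort */ }
}
/* Feed one byte read from the tty; returns 1 once the line is complete. */
static int pw_feed(struct pw_input *in, char c, int ttyfd) {
    if (c == '\n')
        return 1;
    if (c == '\b' || c == 127) {            /* backspace or DEL */
        if (in->len > 0) {
            in->buf[--in->len] = '\0';
            tty_put(ttyfd, "\b \b");
        }
        return 0;
    }
    /* Bounds check BEFORE the store; one byte stays reserved for the NUL. */
    if (in->len >= sizeof(in->buf) - 1) {
        tty_put(ttyfd, "\a");               /* ring the bell, drop the char */
        in->bells++;
        return 0;                           /* stay in the loop: editing still works */
    }
    in->buf[in->len++] = c;
    in->buf[in->len] = '\0';
    tty_put(ttyfd, "*");
    return 0;
}
/* Replay a constructed keystroke sequence; returns the stored length. */
static size_t pw_feed_all(struct pw_input *in, const char *keys, int ttyfd) {
    memset(in, 0, sizeof(*in));
    for (; *keys; keys++)
        if (pw_feed(in, *keys, ttyfd))
            break;
    return in->len;
}

int main(void) {
    struct pw_input in;
    size_t n = pw_feed_all(&in, "0123456789\b\bXY\n", STDERR_FILENO);
    printf("\nkept %zu chars, rejected %u\n", n, in.bells);
    return 0;
}
```

Because the over-long characters are dropped instead of ending the prompt, the two backspaces in the constructed input still edit the stored text and the final Enter completes it.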