On Fri, Feb 11, 2000 at 09:25:09AM -0500, Dave Sill wrote:
} Paul Schinder <[EMAIL PROTECTED]> wrote:
}
} >At 3:21 PM -0500 2/10/00, Dave Sill wrote:
} >>
} >>Solaris 7 SPARC, gcc 2.8.1.
} >
} >Compiler bug, maybe?
}
} Well, I did some "printf" debugging, and it looks like a bug in the
} checkappopw code. It reads the username/password from descriptor 3
} into a string called "up", then sets "login" and "password" to point
} into that string. Later, right before it compares the calculated
} digest to "password", it fills "up" with nulls, clearing "password".
} I commented out the line:
}
} for (i = 0;i < sizeof(up);++i) up[i] = 0;
}
} And it works fine. Are you using checkpw 0.51?
0.50, I think. I don't seem to have the source available on my Suns
any more, but it's still on my Mac, and I installed them around the
same time. It looks as if 0.50 might check the password before
clearing the string, if I read this right:
doit(login);
digest(timestamp,stored);
if (strcmp(encrypted,password)) _exit(1);
for (i = 0;i < sizeof(up);++i) up[i] = 0;
for (;*stored;++stored) *stored = 0;
if (prot_gid((int) pw->pw_gid) == -1) _exit(1);
if (prot_uid((int) pw->pw_uid) == -1) _exit(1);
I assume this will be fixed in 0.52 :-)
}
} Thanks for your help.
}
} -Dave
--
--------
Paul J. Schinder
NASA Goddard Space Flight Center
[EMAIL PROTECTED]
