Re: [systemd-devel] [PATCH 3/3] Fix askpass buffer overflow

Lennart Poettering Mon, 24 Mar 2014 17:30:07 -0700

On Wed, 12.02.14 23:55, David Härdeman (da...@hardeman.nu) wrote:

> Fix askpass overflow in reading a passphrase from a tty.
> Doesn't seem security sensitive, but add a check for correctness.


Ouch, embarassing!

> ---
>  src/shared/ask-password-api.c |    5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
> index 1c18274..045cff2 100644
> --- a/src/shared/ask-password-api.c
> +++ b/src/shared/ask-password-api.c
> @@ -213,6 +213,11 @@ int ask_password_tty(
>                                  loop_write(ttyfd, "*", 1, false);
>  
>                          dirty = true;
> +
> +                     if (p >= (sizeof(passphrase) - 1)) {
> +                             loop_write(ttyfd, "\n", 1, false);
> +                             break;
> +                     }

Hmm, we should probably write an \a out and then ignore the char, i
figure... I added such a change now.

Thanks!

Lennart

-- 
Lennart Poettering, Red Hat
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [PATCH 3/3] Fix askpass buffer overflow

Reply via email to