Re: [hackers] [ubase][PATCH] passwd: fix crashes when authentication is unnecessary.

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Quentin Rameau <quinq_AT_fifth.space>
Date: Tue, 25 Sep 2018 07:16:12 +0200

Hey Mario,

> - p = crypt(inpass, prevhash);
> - if (!p)
> - eprintf("crypt:");
> - if (cryptpass1 && strcmp(cryptpass1, p) == 0)
> - eprintf("password left unchanged\n");
> + if (cryptpass1) {

^--- for more clarity, maybe check against prevhash instead?

> + p = crypt(inpass, prevhash);
> + if (!p)
> + eprintf("crypt:");
> + if (strcmp(cryptpass1, p) == 0)
> + eprintf("password left unchanged\n");
> + }
Received on Tue Sep 25 2018 - 07:16:12 CEST

This message: [ Message body ]
Next message: Silvan Jegen: "Re: [hackers] [PATCH][sbase] find: fix flag setting"
Previous message: Quentin Rameau: "Re: [hackers] [ubase][PATCH] passwd: fix crashes for unencrypted passwords starting with 'x'."
In reply to: Mario J. Rugiero: "[hackers] [ubase][PATCH] passwd: fix crashes when authentication is unnecessary."
Next in thread: Mario Rugiero: "Re: [hackers] [ubase][PATCH] passwd: fix crashes when authentication is unnecessary."
Reply: Mario Rugiero: "Re: [hackers] [ubase][PATCH] passwd: fix crashes when authentication is unnecessary."

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

This archive was generated by hypermail 2.3.0 : Tue Sep 25 2018 - 07:24:21 CEST