Re: [hackers] [ubase][PATCH] passwd: fix crashes when authentication is unnecessary.
El mar., 25 sep. 2018 02:18, Quentin Rameau <quinq_AT_fifth.space> escribió:
> Hey Mario,
>
> > - p = crypt(inpass, prevhash);
> > - if (!p)
> > - eprintf("crypt:");
> > - if (cryptpass1 && strcmp(cryptpass1, p) == 0)
> > - eprintf("password left unchanged\n");
> > + if (cryptpass1) {
>
> ^--- for more clarity, maybe check against prevhash instead?
>
That makes sense.
>
> > + p = crypt(inpass, prevhash);
> > + if (!p)
> > + eprintf("crypt:");
> > + if (strcmp(cryptpass1, p) == 0)
> > + eprintf("password left unchanged\n");
> > + }
>
>
Received on Tue Sep 25 2018 - 20:34:46 CEST
This archive was generated by hypermail 2.3.0
: Tue Sep 25 2018 - 20:36:22 CEST