tinylogin: Fix rotate passwd check logic

Fix rotate passwd check logic which will write data into un-allocated memory. This fixes [YOCTO #735] (From OE-Core rev: 4499beb9ef70d207e0d1f60eae77634a77fc44c3) Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Dongxiao Xu <dongxiao.xu@intel.com> 2011-03-10 12:33:26 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2011-03-10 18:14:25 -0800
commit: 10ce85af3309c9412993dd80c2ef8dedebce11d3 (patch)
tree: 03cd7618cbd4971669cfbbc67f506b238eada269 /meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch
parent: 2c52b652bf00c440d04ff9d3e6423934143e49d6 (diff)
download: poky-10ce85af3309c9412993dd80c2ef8dedebce11d3.tar.gz
1 files changed, 39 insertions, 0 deletions
diff --git a/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch b/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch
new file mode 100644
index 0000000000..c602493afc
--- /dev/null
+++ b/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch
@@ -0,0 +1,39 @@
+Fix rotate check logic
+Rotate passwd checking code has logic error, which writes data into
+un-allocated memory. This patch fixes the issue.
+Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
+diff --git a/libbb/obscure.c b/libbb/obscure.c
+index 750b611..4a07b5f 100644
+--- a/libbb/obscure.c
+++ b/libbb/obscure.c
+@@ -135,7 +135,7 @@ password_check(const char *old, const char *newval, const struct passwd *pwdp)
+ {
+        const char *msg;
+        char *newmono, *wrapped;
+-       int lenwrap;
+       int lenold, lenwrap;
+ 
+        if (strcmp(newval, old) == 0)
+                return "no change";
+@@ -144,7 +144,8 @@ password_check(const char *old, const char *newval, const struct passwd *pwdp)
+ 
+        msg = NULL;
+        newmono = str_lower(xstrdup(newval));
+-       lenwrap = strlen(old) * 2 + 1;
+       lenold = strlen(old);
+       lenwrap = lenold * 2 + 1;
+        wrapped = (char *) xmalloc(lenwrap);
+        str_lower(strcpy(wrapped, old));
+ 
+@@ -158,7 +159,7 @@ password_check(const char *old, const char *newval, const struct passwd *pwdp)
+                msg = "too similiar";
+ 
+        else {
+-               safe_strncpy(wrapped + lenwrap, wrapped, lenwrap + 1);
+               safe_strncpy(wrapped + lenold, wrapped, lenold + 1);
+                if (strstr(wrapped, newmono))
+                        msg = "rotated";
+        }
author	Dongxiao Xu <dongxiao.xu@intel.com>	2011-03-10 12:33:26 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2011-03-10 18:14:25 -0800
commit	10ce85af3309c9412993dd80c2ef8dedebce11d3 (patch)
tree	03cd7618cbd4971669cfbbc67f506b238eada269 /meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch
parent	2c52b652bf00c440d04ff9d3e6423934143e49d6 (diff)
download	poky-10ce85af3309c9412993dd80c2ef8dedebce11d3.tar.gz

diff --git a/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch b/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch new file mode 100644 index 0000000000..c602493afc --- /dev/null +++ b/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch
@@ -0,0 +1,39 @@
	1	Fix rotate check logic
	2
	3	Rotate passwd checking code has logic error, which writes data into
	4	un-allocated memory. This patch fixes the issue.
	5
	6	Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
	7
	8	diff --git a/libbb/obscure.c b/libbb/obscure.c
	9	index 750b611..4a07b5f 100644
	10	--- a/libbb/obscure.c
	11	+++ b/libbb/obscure.c
	12	@@ -135,7 +135,7 @@ password_check(const char old, const char newval, const struct passwd *pwdp)
	13	{
	14	const char *msg;
	15	char newmono, wrapped;
	16	- int lenwrap;
	17	+ int lenold, lenwrap;
	18
	19	if (strcmp(newval, old) == 0)
	20	return "no change";
	21	@@ -144,7 +144,8 @@ password_check(const char old, const char newval, const struct passwd *pwdp)
	22
	23	msg = NULL;
	24	newmono = str_lower(xstrdup(newval));
	25	- lenwrap = strlen(old) * 2 + 1;
	26	+ lenold = strlen(old);
	27	+ lenwrap = lenold * 2 + 1;
	28	wrapped = (char *) xmalloc(lenwrap);
	29	str_lower(strcpy(wrapped, old));
	30
	31	@@ -158,7 +159,7 @@ password_check(const char old, const char newval, const struct passwd *pwdp)
	32	msg = "too similiar";
	33
	34	else {
	35	- safe_strncpy(wrapped + lenwrap, wrapped, lenwrap + 1);
	36	+ safe_strncpy(wrapped + lenold, wrapped, lenold + 1);
	37	if (strstr(wrapped, newmono))
	38	msg = "rotated";
	39	}