41f23f3992
1) " ext" length should be included into OPIE_CHALLENGE_MAX (as all places of opie code expects that). 2) Overflow check in challenge.c is off by 1 even with corrected OPIE_CHALLENGE_MAX 3) When fallback to randomchallenge() happens and rval is 0 (i.e. challenge is too long), its value should be set to error state too. To demonstrate the bug, run opiepasswd with valid seed: opiepasswd -s 1234567890123456 and notice that it falls back to randomchallenge() (i.e. no 1234567890123456 in the prompt). PR: 191511 Submitted by: mitsururike@gmail.com (partially) MFC after: 1 week |
||
|---|---|---|
| .. | ||
| accessfile.c | ||
| atob8.c | ||
| btoa8.c | ||
| btoe.c | ||
| btoh.c | ||
| challenge.c | ||
| generator.c | ||
| getsequence.c | ||
| getutmpentry.c | ||
| hash.c | ||
| hashlen.c | ||
| insecure.c | ||
| keycrunch.c | ||
| lock.c | ||
| login.c | ||
| logwtmp.c | ||
| lookup.c | ||
| Makefile.in | ||
| md4c.c | ||
| md5c.c | ||
| newseed.c | ||
| open.c | ||
| parsechallenge.c | ||
| passcheck.c | ||
| passwd.c | ||
| randomchallenge.c | ||
| readpass.c | ||
| readrec.c | ||
| unlock.c | ||
| verify.c | ||
| version.c | ||
| writerec.c | ||