[BusyBox] passwd seg fault

Ronny L Nilsson bb at arbetsmyra.dyndns.org
Tue Aug 19 21:06:58 UTC 2003 

> This was discussed a while back for pre1, but it is still tru fro
> pre2. Any ideas on this (running on an arm, can supply more info if
> necessary):
>
> bash-2.04# passwd jayanthi
> Changing password for jayanthi
> Enter the new password (minimum of 5, maximum of 8 characters)
> Please use a combination of upper and lower case letters and numbers.
> Enter new password:
> Re-enter new password:
> passwd: memory violation at pc=0x0205411c, lr=0x0000001f (bad
> address=0x0000000)
> pc : [<0205411c>]    lr : [<0000001f>]
> sp : bffffc60  ip : 020b8c13  fp : bffffc6c
> r10: 00000000  r9 : 00000000  r8 : 00000001
> r7 : 020b8554  r6 : bffffc80  r5 : bffffd48  r4 : 020b8c14
> r3 : 020b8c94  r2 : 0000007f  r1 : 00000000  r0 : 020b8c14
> Flags: nzCv  IRQs on  FIQs on  Mode USER_32  Segment user
> Control: 017D  Table: C0308015  DAC: 00000015
> Function entered at [<020540e4>] from [<02039f44>]
> Function entered at [<0203dad4>] from [<02000104>]
>   r10 = 00000000  r8 = 00000000  r7 = 00000000  r6 = 00000000
>   r5 = 00000000  r4 = 00000000
> Segmentation fault



hi
yes. I still belive my former patch to libbb/obscure.c:password_check() 
was right (although vodz didn't agree).... Perhaps you can give this 
one below a try?

/Ronny

P.S. Try invoking passwd with exactly the same arguments again, since 
some (short) args tend to slip through.










-------------- next part --------------
diff -upr t1/busybox-1.00-pre2/libbb/obscure.c busybox-1.00-pre2/libbb/obscure.c
--- t1/busybox-1.00-pre2/libbb/obscure.c	2003-07-30 09:57:06.000000000 +0200
+++ busybox-1.00-pre2/libbb/obscure.c	2003-08-19 21:09:19.000000000 +0200
@@ -144,9 +144,9 @@ password_check(const char *old, const ch
 
 	msg = NULL;
 	newmono = str_lower(bb_xstrdup(newval));
-	lenwrap = strlen(old) * 2 + 1;
-	wrapped = (char *) xmalloc(lenwrap);
-	str_lower(strcpy(wrapped, old));
+	lenwrap = strlen(old);
+	wrapped = (char *) xmalloc(lenwrap * 2 + 1);
+	strcpy(wrapped, newmono);
 
 	if (palindrome(newmono))
 		msg = "a palindrome";
@@ -157,11 +157,8 @@ password_check(const char *old, const ch
 	else if (similiar(wrapped, newmono))
 		msg = "too similiar";
 
-	else {
-		safe_strncpy(wrapped + lenwrap, wrapped, lenwrap + 1);
-		if (strstr(wrapped, newmono))
+	else if (strstr(safe_strncpy(wrapped+lenwrap, wrapped, lenwrap + 1), newmono)) {
 			msg = "rotated";
-	}
 
 	bzero(newmono, strlen(newmono));
 	bzero(wrapped, lenwrap);

More information about the busybox mailing list