[BusyBox] patch to login, dmesg and obscure
Vladimir N. Oleynik
dzo at simtreas.ru
Wed Jul 30 07:30:15 UTC 2003
Erik,
>> I've discovered some bugs in the BusyBox unstable branch and since it
>> doesn't seem to be fixed in the 1.0.0-pre1 release I created a patch
>> with my changes. Description below:
> * libbb/obscure.c:password_check()
> There was a buffer overflow bug which caused the passwd command to
> segfault when invoked by anyone other than the superuser.
This point has an algorithmic problem, not an overflow:
strcat(wrapped, wrapped) may loop.
Hand patch:
- else if (strstr(strcat(wrapped, wrapped), newmono))
+ else {
+ safe_strncpy(wrapped + lenwrap, wrapped, lenwrap + 1);
+ if (strstr(wrapped, newmono))
+}
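Review bot: The safe_strncpy() line writes lenwrap + 1 bytes starting at wrapped + lenwrap, so wrapped needs room for 2 * lenwrap + 1 bytes and lenwrap has to be the length of wrapped measured before the copy; neither the allocation nor the assignment of lenwrap appears in the hunk, so please include them or state the required size in a comment next to the call. Also, the added "if (strstr(wrapped, newmono))" is followed directly by the closing brace with no statement, so the body of the old else-if branch needs to move inside the new braces before this will compile.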
--w
vodz
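
The doubled-string check discussed in this message, as an added example that is not part of the original e-mail and is not BusyBox code. It shows why strcat(s, s) is unsafe (source and destination overlap, which the C standard leaves undefined, and the terminator being scanned for gets overwritten) and one way to build the doubled string without overlap; `found_in_doubled` and its parameter names are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not from BusyBox): returns 1 if `candidate` occurs in
 * `old` written twice in a row, which catches rotations ("wrapped" forms) of
 * `old`; 0 if it does not; -1 if the doubled buffer cannot be allocated. */
int found_in_doubled(const char *old, const char *candidate)
{
    size_t len = strlen(old);   /* measured once, before any copying */
    char *doubled;
    int hit;

    /* Choice made for this example: an empty candidate never matches,
     * although strstr() would report a match at offset 0. */
    if (*candidate == '\0')
        return 0;

    if (len > (SIZE_MAX - 1) / 2)   /* 2 * len + 1 must not wrap around */
        return -1;
    doubled = malloc(2 * len + 1);
    if (doubled == NULL)
        return -1;

    /* Source and destination are separate objects, and each copy has an
     * explicit length, so nothing depends on a terminator that the copy
     * itself might overwrite (the failure mode of strcat(s, s)). */
    memcpy(doubled, old, len);
    memcpy(doubled + len, old, len);
    doubled[2 * len] = '\0';

    hit = strstr(doubled, candidate) != NULL;
    free(doubled);
    return hit;
}
```
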