[PATCH] 415 vlock accepts any passwd when using shadow
Tito
farmatito at tiscali.it
Sun Dec 18 14:23:25 UTC 2005
Hi,
This fixes bug 415 vlock accepts any passwd when using shadow.
The bug was due to an incorrect use of sizeof and seems to be there
from the very first Revision 4961 in svn
It was doing something like:
char *crypt_pass;
if (strncmp(/*crypt_pass*/ $1$JM5uGtk7$.NXBAttjSBinwpljyHpm3 ,
/*pw->pw_passwd*/ $1$JM5diUnj$2sdZPvwJe9LOs/hHQXALL.
/*sizeof(crypt_pass)*/ 4) == 0) {
$1$J == $1$J
Always true.
The patch is trivial and tested.
Please apply.
Ciao,
Tito
-------------- next part --------------
A non-text attachment was scrubbed...
Name: vlock_bug_415.patch
Type: text/x-diff
Size: 424 bytes
Desc: not available
Url : http://lists.busybox.net/pipermail/busybox/attachments/20051218/2c5ab8a4/attachment.bin
More information about the busybox
mailing list