svn commit: r280383 - head/sys/boot/forth

Devin Teske dteske at FreeBSD.org
Mon Mar 23 16:31:28 UTC 2015 

Author: dteske
Date: Mon Mar 23 16:31:27 2015
New Revision: 280383
URL: https://svnweb.freebsd.org/changeset/base/280383

Log:
  Prevent password/bootlock_password features of loader.conf(5) from
  locking out everyone in the case of setting a password longer than
  the maximum (currently 16 characters). Now the required password is
  truncated to the maximum input that can be read from the user.
  
  PR:		kern/198760
  MFC after:	3 days
  MFH:		stable/10 stable/9

Modified:
  head/sys/boot/forth/check-password.4th

Modified: head/sys/boot/forth/check-password.4th
==============================================================================
--- head/sys/boot/forth/check-password.4th	Mon Mar 23 16:22:56 2015	(r280382)
+++ head/sys/boot/forth/check-password.4th	Mon Mar 23 16:31:27 2015	(r280383)
@@ -28,15 +28,15 @@ marker task-check-password.4th
 
 include /boot/screen.4th
 
-13 constant enter_key   \ The decimal ASCII value for Enter key
-8  constant bs_key      \ The decimal ASCII value for Backspace key
-16 constant readmax     \ Maximum number of characters for the password
+13 constant enter_key        \ The decimal ASCII value for Enter key
+8  constant bs_key           \ The decimal ASCII value for Backspace key
+16 constant readmax          \ Maximum number of characters for the password
 
-variable readX          \ Current X offset (column)(used by read)
-variable read-start     \ Starting X offset (column)(used by read)
+variable readX               \ Current X offset (column)(used by read)
+variable read-start          \ Starting X offset (column)(used by read)
 
-create readval 16 allot \ input obtained (maximum 16 characters)
-variable readlen        \ input length
+create readval readmax allot \ input obtained (up to readmax characters)
+variable readlen             \ input length
 
 \ This function blocks program flow (loops forever) until a key is pressed.
 \ The key that was pressed is added to the top of the stack in the form of its
@@ -132,6 +132,7 @@ variable readlen        \ input length
 	\ Do not allow the user to proceed beyond this point if a boot-lock
 	\ password has been set (preventing even boot from proceeding)
 	s" bootlock_password" getenv dup -1 <> if
+		dup readmax > if drop readmax then
 		begin
 			s" Boot Password: " read ( prompt -- )
 			2dup readval readlen @ compare 0<>
@@ -154,7 +155,7 @@ variable readlen        \ input length
 	\ Only reached if autoboot fails for any reason (including if/when
 	\ the user aborts/escapes the countdown sequence leading to boot).
 
-	s" password" getenv
+	s" password" getenv dup readmax > if drop readmax then
 	begin
 		s" Password: " read ( prompt -- )
 		2dup readval readlen @ compare 0= if

More information about the svn-src-head mailing list