[Bug 191511] opiepasswd(1) segfaults with a seed length > 12

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Mon Aug 11 12:27:00 UTC 2014


--- Comment #1 from commit-hook at freebsd.org ---
A commit references this bug:

Author: ache
Date: Mon Aug 11 12:26:49 UTC 2014
New revision: 269806
URL: http://svnweb.freebsd.org/changeset/base/269806

  Fix too long (seed length >12 chars) challenge handling.
  1) " ext" length should be included into OPIE_CHALLENGE_MAX (as all places
  of opie code expects that).
  2) Overflow check in challenge.c is off by 1 even with corrected
  3) When fallback to randomchallenge() happens and rval is 0 (i.e.
  challenge is too long), its value should be set to error state too.

  To demonstrate the bug, run opiepasswd with valid seed:
  opiepasswd -s 1234567890123456
  and notice that it falls back to randomchallenge() (i.e. no
  1234567890123456 in the prompt).

  PR:             191511
  Submitted by:   mitsururike at gmail.com (partially)
  MFC after:      1 week


You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list