diff options
Diffstat (limited to 'meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch')
-rw-r--r-- | meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch | 41 |
1 files changed, 0 insertions, 41 deletions
diff --git a/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch b/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch deleted file mode 100644 index 513ee5e..0000000 --- a/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch +++ /dev/null @@ -1,41 +0,0 @@ -Upstream-Status: Inappropriate [legacy version] - -Fix rotate check logic - -Rotate passwd checking code has logic error, which writes data into -un-allocated memory. This patch fixes the issue. - -Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com> - -diff --git a/libbb/obscure.c b/libbb/obscure.c -index 750b611..4a07b5f 100644 ---- a/libbb/obscure.c -+++ b/libbb/obscure.c -@@ -135,7 +135,7 @@ password_check(const char *old, const char *newval, const struct passwd *pwdp) - { - const char *msg; - char *newmono, *wrapped; -- int lenwrap; -+ int lenold, lenwrap; - - if (strcmp(newval, old) == 0) - return "no change"; -@@ -144,7 +144,8 @@ password_check(const char *old, const char *newval, const struct passwd *pwdp) - - msg = NULL; - newmono = str_lower(xstrdup(newval)); -- lenwrap = strlen(old) * 2 + 1; -+ lenold = strlen(old); -+ lenwrap = lenold * 2 + 1; - wrapped = (char *) xmalloc(lenwrap); - str_lower(strcpy(wrapped, old)); - -@@ -158,7 +159,7 @@ password_check(const char *old, const char *newval, const struct passwd *pwdp) - msg = "too similiar"; - - else { -- safe_strncpy(wrapped + lenwrap, wrapped, lenwrap + 1); -+ safe_strncpy(wrapped + lenold, wrapped, lenold + 1); - if (strstr(wrapped, newmono)) - msg = "rotated"; - } |