[29260] in CVS-changelog-for-Kerberos-V5
krb5 commit: Fix ksetpwd password reading loop
daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Jan 15 14:24:39 2016
Date: Fri, 15 Jan 2016 14:24:34 -0500
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201601151924.u0FJOY5W020970@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/8e212581830de2bead06d1b4d7cff8079d97e5a5
commit 8e212581830de2bead06d1b4d7cff8079d97e5a5
Author: Greg Hudson <ghudson@mit.edu>
Date: Thu Jan 14 18:03:40 2016 -0500
Fix ksetpwd password reading loop
In ksetpwd (which we do not install), fix the loop which reads the new
password twice until they match. Previously it would stop with a
dangling pointer to freed memory in new_password if they don't match
on the first try. Reported by Will Fiveash.
src/clients/kpasswd/ksetpwd.c | 16 +++++++---------
1 files changed, 7 insertions(+), 9 deletions(-)
diff --git a/src/clients/kpasswd/ksetpwd.c b/src/clients/kpasswd/ksetpwd.c
index 5f9c982..2aafb6c 100644
--- a/src/clients/kpasswd/ksetpwd.c
+++ b/src/clients/kpasswd/ksetpwd.c
@@ -227,7 +227,7 @@ static int init_creds()
int main( int argc, char ** argv )
{
- char * new_password = NULL;
+ char * new_password;
char * new_password2;
krb5_context kcontext;
krb5_error_code kerr;
@@ -266,17 +266,15 @@ int main( int argc, char ** argv )
/*
** get the new password -
*/
- while( !new_password )
+ for (;;)
{
new_password = getpass("Enter new password: ");
new_password2 = getpass("Verify new password: ");
- if( strcmp( new_password, new_password2 ) )
- {
- printf("Passwords do not match\n");
- free( new_password );
- free( new_password2 );
- continue;
- }
+ if( strcmp( new_password, new_password2 ) == 0)
+ break;
+ printf("Passwords do not match\n");
+ free( new_password );
+ free( new_password2 );
}
/*
** change the password -
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
