diff options
| author | Tobias Stoeckmann <tobias@cvs.openbsd.org> | 2023-05-08 17:15:44 +0000 |
|---|---|---|
| committer | Tobias Stoeckmann <tobias@cvs.openbsd.org> | 2023-05-08 17:15:44 +0000 |
| commit | 8db5e098650918c8c777867f89e4d68cd41b558f (patch) | |
| tree | ca489e2aa1541690c8829067346154a36901e75a | |
| parent | 04eec78252a43f8eee00125698387828298bffb6 (diff) | |
Prevent signed integer overflow
A signed integer overflow could occur after INT_MAX bad password
attempts. Check for unlimited tries first and then increment the
counter. Also consider INT_MAX to be a valid upper limit.
ok millert@
| -rw-r--r-- | usr.bin/passwd/local_passwd.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/usr.bin/passwd/local_passwd.c b/usr.bin/passwd/local_passwd.c index 2cd0c73b874..a1f973fd23f 100644 --- a/usr.bin/passwd/local_passwd.c +++ b/usr.bin/passwd/local_passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: local_passwd.c,v 1.63 2022/02/10 13:06:46 robert Exp $ */ +/* $OpenBSD: local_passwd.c,v 1.64 2023/05/08 17:15:43 tobias Exp $ */ /*- * Copyright (c) 1990 The Regents of the University of California. @@ -202,7 +202,7 @@ getnewpasswd(struct passwd *pw, login_cap_t *lc, int authenticated) pwd_tries = pwd_gettries(lc); - for (newpass[0] = '\0', tries = 0;;) { + for (newpass[0] = '\0', tries = -1;;) { char repeat[1024]; p = readpassphrase("New password:", newpass, sizeof(newpass), @@ -217,7 +217,7 @@ getnewpasswd(struct passwd *pw, login_cap_t *lc, int authenticated) continue; } - if ((tries++ < pwd_tries || pwd_tries == 0) && + if ((pwd_tries == 0 || ++tries < pwd_tries) && pwd_check(lc, p) == 0) continue; p = readpassphrase("Retype new password:", repeat, sizeof(repeat), |