[Pkg-samba-maint] r1432 - trunk/samba/debian/patches

bubulle at alioth.debian.org bubulle at alioth.debian.org
Wed May 30 21:17:02 UTC 2007


Author: bubulle
Date: 2007-05-30 21:17:02 +0000 (Wed, 30 May 2007)
New Revision: 1432

Added:
   trunk/samba/debian/patches/hide_password_length.patch
Modified:
   trunk/samba/debian/patches/series
Log:
Split out samba.patch again. One chunk is more or less identified while the
remaining one is still unknown


Added: trunk/samba/debian/patches/hide_password_length.patch
===================================================================
--- trunk/samba/debian/patches/hide_password_length.patch	                        (rev 0)
+++ trunk/samba/debian/patches/hide_password_length.patch	2007-05-30 21:17:02 UTC (rev 1432)
@@ -0,0 +1,42 @@
+Goal: Seems to be meant to avoid one to guess the password's length
+      by how many Xs are left in the argv buffer
+
+Fixes: some paranoid coniderations?
+
+Status wrt upstream: Forwarded on 2007/05/30
+
+Author: Unknown
+
+Note: 
+
+Index: samba-3.0.25a/source/client/smbmount.c
+===================================================================
+--- samba-3.0.25a.orig/source/client/smbmount.c	2007-05-26 07:45:39.744216228 +0200
++++ samba-3.0.25a/source/client/smbmount.c	2007-05-26 07:46:32.692638041 +0200
+@@ -768,7 +768,7 @@
+ 					*lp = 0;
+ 					pstrcpy(password,lp+1);
+ 					got_pass = True;
+-					memset(strchr_m(opteq+1,'%')+1,'X',strlen(password));
++					memset(strchr_m(opteq+1,'%')+1,'\0',strlen(password));
+ 				}
+ 				if ((lp=strchr_m(username,'/'))) {
+ 					*lp = 0;
+@@ -778,7 +778,7 @@
+ 				  !strcmp(opts, "password")) {
+ 				pstrcpy(password,opteq+1);
+ 				got_pass = True;
+-				memset(opteq+1,'X',strlen(password));
++				memset(opteq+1,'\0',strlen(password));
+ 			} else if(!strcmp(opts, "credentials")) {
+ 				pstrcpy(credentials,opteq+1);
+ 			} else if(!strcmp(opts, "netbiosname")) {
+@@ -892,7 +892,7 @@
+ 			*p = 0;
+ 			pstrcpy(password,p+1);
+ 			got_pass = True;
+-			memset(strchr_m(getenv("USER"),'%')+1,'X',strlen(password));
++			memset(strchr_m(getenv("USER"),'%')+1,'\0',strlen(password));
+ 		}
+ 		strupper_m(username);
+ 	}

Modified: trunk/samba/debian/patches/series
===================================================================
--- trunk/samba/debian/patches/series	2007-05-30 20:49:39 UTC (rev 1431)
+++ trunk/samba/debian/patches/series	2007-05-30 21:17:02 UTC (rev 1432)
@@ -7,6 +7,7 @@
 non-linux-ports.patch
 pam-examples.patch
 README_nosmbldap-tools.patch
+hide_password_length.patch
 samba.patch
 no_smbmount_symlink.patch
 smbclient-pager.patch




More information about the Pkg-samba-maint mailing list