[Pkg-shadow-commits] r1417 - in upstream/trunk: . src
nekral-guest at alioth.debian.org
nekral-guest at alioth.debian.org
Tue Nov 20 12:18:37 UTC 2007
Author: nekral-guest
Date: 2007-11-20 12:18:36 +0000 (Tue, 20 Nov 2007)
New Revision: 1417
Modified:
upstream/trunk/ChangeLog
upstream/trunk/src/passwd.c
Log:
Increase the size of crypt_passwd from 128 to 256 to avoid overflow in
case of SHA512 (161 should be sufficient).
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2007-11-20 12:10:55 UTC (rev 1416)
+++ upstream/trunk/ChangeLog 2007-11-20 12:18:36 UTC (rev 1417)
@@ -1,5 +1,10 @@
2007-11-20 Nicolas François <nicolas.francois at centraliens.net>
+ * src/passwd.c: Increase the size of crypt_passwd from 128 to 256
+ to avoid overflow in case of SHA512 (161 should be sufficient).
+
+2007-11-20 Nicolas François <nicolas.francois at centraliens.net>
+
* lib/prototypes.h, libmisc/salt.c: Add parameters to
crypt_make_salt to force the crypt method and number of rounds.
* libmisc/salt.c: Add parameter to SHA_salt_rounds to force the
Modified: upstream/trunk/src/passwd.c
===================================================================
--- upstream/trunk/src/passwd.c 2007-11-20 12:10:55 UTC (rev 1416)
+++ upstream/trunk/src/passwd.c 2007-11-20 12:18:36 UTC (rev 1417)
@@ -96,7 +96,20 @@
static int do_update_age = 0;
#ifndef USE_PAM
-static char crypt_passwd[128]; /* The "old-style" password, if present */
+/*
+ * Size of the biggest passwd:
+ * $6$ 3
+ * rounds= 7
+ * 999999999 9
+ * $ 1
+ * salt 16
+ * $ 1
+ * SHA512 123
+ * nul 1
+ *
+ * total 161
+ */
+static char crypt_passwd[256];
static int do_update_pwd = 0;
#endif
More information about the Pkg-shadow-commits
mailing list