getpass fgets check

Peter Mazinger ps.m at gmx.net
Tue Dec 20 21:35:44 UTC 2011 

Hi,

this way we do not use the PWD_BUFFER_SIZE dependency, either we ignore it (and remove it as config option) or we consider it mandatory if defined

Regards, Peter
-------- Original-Nachricht --------
> Datum: Tue, 20 Dec 2011 06:40:28 -0600
> Von: William Pitcock <nenolod at dereferenced.org>
> An: Joakim Tjernlund <joakim.tjernlund at transmode.se>
> CC: uclibc at uclibc.org
> Betreff: Re: getpass fgets check

> Hi,
> 
> On Tue, Dec 20, 2011 at 2:43 AM, Joakim Tjernlund
> <joakim.tjernlund at transmode.se> wrote:
> >> From: Daniel Wainwright <wainwright.daniel at gmail.com>
> >> To: uclibc at uclibc.org
> >> Date: 2011/12/20 08:44
> >> Subject: getpass fgets check
> >> Sent by: uclibc-bounces at uclibc.org
> >>
> >> Hi,
> >>
> >> I believe there is a simple error in getpass.c, line 80:
> >>
> >>
> >>
> >>   static char buf[PWD_BUFFER_SIZE];
> >>
> >>   ...
> >>
> >>   /* Read the password.  */
> >>   fgets (buf, PWD_BUFFER_SIZE-1, in);
> >>   if (buf != NULL)
> >>
> >>   ...
> >>
> >>
> >>
> >> So the result of fgets is not being checked here, results in reading
> the
> >> buffer uninitialised below.
> >
> > yes, and I think(if max passwd len is important) that it should read
> >  fgets (buf, PWD_BUFFER_SIZE, in)
> > as fgets man page says:
> >       fgets() reads in at most one less than size characters from
> stream  and
> >       stores  them  into  the buffer pointed to by s.
> 
> I think that using 'sizeof buf' is cleaner and more futureproof than
> depending on PWD_BUFFER_SIZE.  Something like this should cleanly fix
> the potential usage of buf whilst in uninitialized state:
> 
> diff --git a/libc/unistd/getpass.c b/libc/unistd/getpass.c
> index 8d80182..b8cb640 100644
> --- a/libc/unistd/getpass.c
> +++ b/libc/unistd/getpass.c
> @@ -76,9 +76,11 @@ char * getpass (const char *prompt)
>    fputs(prompt, out);
>    fflush(out);
> 
> -  /* Read the password.  */
> -  fgets (buf, PWD_BUFFER_SIZE-1, in);
> -  if (buf != NULL)
> +  /* Read the password, ensuring buf is initialized first as fgets() may
> not
> +     touch the buffer itself. */
> +  *buf = '\0';
> +  fgets (buf, sizeof buf, in);
> +  if (*buf != '\0')
>      {
>        nread = strlen(buf);
>        if (nread < 0)
> 
> Please test and see if that fixes your problem.
> 
> William
> _______________________________________________
> uClibc mailing list
> uClibc at uclibc.org
> http://lists.busybox.net/mailman/listinfo/uclibc

-- 
NEU: FreePhone - 0ct/min Handyspartarif mit Geld-zurück-Garantie!		
Jetzt informieren: http://www.gmx.net/de/go/freephone

More information about the uClibc mailing list