getpass fgets check

Denys Vlasenko vda.linux at googlemail.com
Fri Dec 23 12:52:08 UTC 2011


On Tue, Dec 20, 2011 at 8:43 AM, Daniel Wainwright
<wainwright.daniel at gmail.com> wrote:
> Hi,
>
> I believe there is a simple error in getpass.c, line 80:
>
>  static char buf[PWD_BUFFER_SIZE];
>
>  ...
>
>  /* Read the password.  */
>  fgets (buf, PWD_BUFFER_SIZE-1, in);
>  if (buf != NULL)
>
>  ...
>
>
>
> So the result of fgets is not being checked here, results in reading the
> buffer uninitialised below.

And also this gem:

      nread = strlen(buf);
      if (nread < 0)
        buf[0] = '\0';

strlen < 0?!  :D

-- 
vda


More information about the uClibc mailing list