krb5 commit: Fix ksetpwd password reading loop
Greg Hudson
ghudson at mit.edu
Fri Jan 15 14:24:34 EST 2016
https://github.com/krb5/krb5/commit/8e212581830de2bead06d1b4d7cff8079d97e5a5
commit 8e212581830de2bead06d1b4d7cff8079d97e5a5
Author: Greg Hudson <ghudson at mit.edu>
Date: Thu Jan 14 18:03:40 2016 -0500
Fix ksetpwd password reading loop
In ksetpwd (which we do not install), fix the loop which reads the new
password twice until they match. Previously it would stop with a
dangling pointer to freed memory in new_password if they don't match
on the first try. Reported by Will Fiveash.
src/clients/kpasswd/ksetpwd.c | 16 +++++++---------
1 files changed, 7 insertions(+), 9 deletions(-)
diff --git a/src/clients/kpasswd/ksetpwd.c b/src/clients/kpasswd/ksetpwd.c
index 5f9c982..2aafb6c 100644
--- a/src/clients/kpasswd/ksetpwd.c
+++ b/src/clients/kpasswd/ksetpwd.c
@@ -227,7 +227,7 @@ static int init_creds()
int main( int argc, char ** argv )
{
- char * new_password = NULL;
+ char * new_password;
char * new_password2;
krb5_context kcontext;
krb5_error_code kerr;
@@ -266,17 +266,15 @@ int main( int argc, char ** argv )
/*
** get the new password -
*/
- while( !new_password )
+ for (;;)
{
new_password = getpass("Enter new password: ");
new_password2 = getpass("Verify new password: ");
- if( strcmp( new_password, new_password2 ) )
- {
- printf("Passwords do not match\n");
- free( new_password );
- free( new_password2 );
- continue;
- }
+ if( strcmp( new_password, new_password2 ) == 0)
+ break;
+ printf("Passwords do not match\n");
+ free( new_password );
+ free( new_password2 );
}
/*
** change the password -
More information about the cvs-krb5
mailing list