src/passwd.c: inconsistent password length limit

The passwd utility had hardcoded limit for password lenght set
to 200 characters. In the agetpass.c is used PASS_MAX for
this purpose.

This patch moves the PASS_MAX definition to common place
and uses it in both places.

Signed-off-by: Tomas Halman <tomas@halman.net>
This commit is contained in:
Tomas Halman
2024-02-16 09:33:02 +01:00
committed by Serge Hallyn
parent 0259f84583
commit dfb4d8fdf9
3 changed files with 13 additions and 8 deletions
-6
View File
@@ -11,7 +11,6 @@
#include <limits.h>
#include <readpassphrase.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -24,11 +23,6 @@
#endif /* WITH_LIBBSD */
#if !defined(PASS_MAX)
#define PASS_MAX BUFSIZ - 1
#endif
/*
* SYNOPSIS
* [[gnu::malloc(erase_pass)]]
+11
View File
@@ -25,6 +25,7 @@
((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -202,4 +203,14 @@
# define shadow_getenv(name) getenv(name)
#endif
/*
* Maximum password length
*
* Consider that there is also limit in PAM (PAM_MAX_RESP_SIZE)
* currently set to 512.
*/
#if !defined(PASS_MAX)
#define PASS_MAX BUFSIZ - 1
#endif
#endif /* _DEFINES_H_ */
+2 -2
View File
@@ -175,8 +175,8 @@ static int new_password (const struct passwd *pw)
char *cipher; /* Pointer to cipher text */
const char *salt; /* Pointer to new salt */
char *cp; /* Pointer to agetpass() response */
char orig[200]; /* Original password */
char pass[200]; /* New password */
char orig[PASS_MAX + 1]; /* Original password */
char pass[PASS_MAX + 1]; /* New password */
int i; /* Counter for retries */
bool warned;
int pass_max_len = -1;