Bug 71152 - Passwd --stdin doesn't handle read errors
Summary: Passwd --stdin doesn't handle read errors
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: passwd
Version: 7.3
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Mike McLean
URL:
Whiteboard:
Depends On:
Blocks: 80220
Reported: 2002-08-09 12:19 UTC by Jarno Huuskonen
Modified: 2007-04-18 16:45 UTC (History)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2005-05-25 15:25:55 UTC
Embargoed:



Description Jarno Huuskonen 2002-08-09 12:19:12 UTC
Description of Problem:
passwd has a --stdin option to take the new password from stdin. The passwd code
doesn't seem to handle read errors from stdin:
passwd.c:L370
                char newPassword[80];
                int i;

                i = read(STDIN_FILENO, newPassword,
                         sizeof(newPassword) - 1);
                newPassword[i - 1] = '\0';
                conv.conv = stdin_conv;
                conv.appdata_ptr = strdup(newPassword);

If the read call returns -1 or 0, then the code writes a \0 byte outside the
newPassword array and copies "random" memory as the new password. Fortunately the
--stdin option is restricted to root.


Version-Release number of selected component (if applicable):
Name        : passwd                       Relocations: (not relocateable)
Version     : 0.67                              Vendor: Red Hat, Inc.
Release     : 1                             Build Date: Thu Mar 14 03:44:31 2002

(I looked at the passwd code from RH 6.2 (passwd-0.64.1-1) and it appears to
have the same problem).

Expected result:
passwd should handle a possible read error from stdin instead of setting the
password to "junk"
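
Added example, not part of the bug report and not the actual passwd fix: one way to read the password so that a read() result of -1 or 0 is rejected before it is ever used as an array index. The helper name read_password and the choice to treat empty input as an error are assumptions of this example.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper (not from passwd.c): read one password line from fd
 * into buf. Returns 0 on success, -1 on read error, EOF or empty input. */
int read_password(int fd, char *buf, size_t size)
{
    ssize_t n;

    if (buf == NULL || size < 2)
        return -1;

    do {
        n = read(fd, buf, size - 1);
    } while (n == -1 && errno == EINTR);  /* retry if interrupted by a signal */

    if (n <= 0) {          /* -1: read error, 0: EOF. Never index with n here. */
        buf[0] = '\0';
        return -1;
    }

    buf[n] = '\0';                     /* n <= size - 1, so this is in bounds */
    buf[strcspn(buf, "\r\n")] = '\0';  /* cut at the first line ending, if any */

    if (buf[0] == '\0')                /* assumption: refuse an empty password */
        return -1;
    return 0;
}

int main(void)
{
    char newPassword[80];

    if (read_password(STDIN_FILENO, newPassword, sizeof(newPassword)) != 0) {
        fprintf(stderr, "passwd: error reading new password from stdin\n");
        return 1;
    }
    /* The caller would hand newPassword to the PAM conversation here. */
    return 0;
}
```

Unlike the quoted code, this only removes a trailing newline when one is present, so input that ends without a newline does not lose its last character.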

Comment 2 Tomas Mraz 2005-05-25 15:25:55 UTC
This is fixed in the current Fedora Core and RHEL releases.


