d0kuhn/mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1254 from ccvca/fix_passwd_len

Browse Source 
Fix password input when MAX_BUFFER_LEN is not 1024 in mosquitto_passwd.c
This commit is contained in:
Roger Light 2019-08-01 10:18:34 +01:00 committed by GitHub
commit 07d2504bf5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/mosquitto_passwd.c
View File

@ -339,13 +339,15 @@ int gets_quiet(char *s, int len)
#endif
}
int get_password(char *password, int len)
int get_password(char *password, size_t len)
{
char pw1[MAX_BUFFER_LEN], pw2[MAX_BUFFER_LEN];
size_t minLen;
minLen = len < MAX_BUFFER_LEN ? len : MAX_BUFFER_LEN;
printf("Password: ");
fflush(stdout);
if(gets_quiet(pw1, MAX_BUFFER_LEN)){
if(gets_quiet(pw1, minLen)){
fprintf(stderr, "Error: Empty password.\n");
return 1;
}
@ -353,7 +355,7 @@ int get_password(char *password, int len)
printf("Reenter password: ");
fflush(stdout);
if(gets_quiet(pw2, MAX_BUFFER_LEN)){
if(gets_quiet(pw2, minLen)){
fprintf(stderr, "Error: Empty password.\n");
return 1;
}
@ -364,7 +366,7 @@ int get_password(char *password, int len)
return 1;
}
strncpy(password, pw1, len);
strncpy(password, pw1, minLen);
return 0;
}
@ -526,7 +528,7 @@ int main(int argc, char *argv[])
#endif
if(create_new){
rc = get_password(password, 1024);
rc = get_password(password, MAX_BUFFER_LEN);
if(rc){
free(password_file);
return rc;
@ -581,7 +583,7 @@ int main(int argc, char *argv[])
/* Update password for individual user */
rc = update_pwuser(fptr, ftmp, username, password_cmd);
}else{
rc = get_password(password, 1024);
rc = get_password(password, MAX_BUFFER_LEN);
if(rc){
fclose(fptr);
fclose(ftmp);