[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Cvs-dev] cvs-passwd patch: weird problem
From: |
Prasad J Pandit |
Subject: |
Re: [Cvs-dev] cvs-passwd patch: weird problem |
Date: |
Tue, 22 Aug 2006 10:54:57 +0530 (IST) |
Hello Larry :)
On Mon, 21 Aug 2006, Larry Jones wrote:
Wrong. You've got a buffer overflow in the salt generation -- it has
Oh Larry, you are a god man, seriously you are a god. How did you find
it? I fixed it, and you won't believe, problem disappeared. What I did is
#deinf SALTSIZE 12 (earlier it was 11)
&
generate_salt ()
{
...
while (i < SALTSIZE)
...
psalt[i -1] = '\0'; /* so we've 11 char salt 0 to 10 and then '\0' */
/* earlier it's like: psalt[i] = '\0'; */
...
}
Oh wow, this is really great! I'm soooo happy!! You know, I've been doing
this for the whole damn week now, man, seriously!
Thank you Larry!, Thank you so much!! :) :)
And you're using crypt() in a non-portable fashion (standard crypt does
not support MD5).
Any other *better* option ?
Thank you!
--
regards
-Prasad
PS: Please don't send me html/attachment/Fwd mails
- [Cvs-dev] cvs-passwd patch: weird problem, Prasad J Pandit, 2006/08/19
- [Cvs-dev] Re: cvs-passwd patch: weird problem, Mark D. Baushke, 2006/08/17
- Re: [Cvs-dev] cvs-passwd patch: weird problem, Mark D. Baushke, 2006/08/19
- Re: [Cvs-dev] cvs-passwd patch: weird problem, Prasad J Pandit, 2006/08/21
- Re: [Cvs-dev] cvs-passwd patch: weird problem, Mark D. Baushke, 2006/08/21
- Re: [Cvs-dev] cvs-passwd patch: weird problem, Prasad J Pandit, 2006/08/21
- Re: [Cvs-dev] cvs-passwd patch: weird problem, Mark D. Baushke, 2006/08/21
- Re: [Cvs-dev] cvs-passwd patch: weird problem, Larry Jones, 2006/08/21
- Re: [Cvs-dev] cvs-passwd patch: weird problem,
Prasad J Pandit <=
- Re: [Cvs-dev] cvs-passwd patch: weird problem, Mark D. Baushke, 2006/08/22
- Re: [Cvs-dev] cvs-passwd patch: weird problem, Prasad J Pandit, 2006/08/22
- Re: [Cvs-dev] cvs-passwd patch: weird problem, Derek R. Price, 2006/08/22
- Re: [Cvs-dev] cvs-passwd patch: weird problem, Larry Jones, 2006/08/22
- Re: [Cvs-dev] cvs-passwd patch: weird problem, Prasad J Pandit, 2006/08/21
Re: [Cvs-dev] cvs-passwd patch: weird problem, Larry Jones, 2006/08/19