Increase the size of crypt_passwd from 128 to 256 to avoid overflow in

case of SHA512 (161 should be sufficient).
2007-11-20 12:18:36 +00:00
parent 63a4e65ca1
commit 5cb462d767
2 changed files with 19 additions and 1 deletions
--- a/src/passwd.c
+++ b/src/passwd.c
@@ -96,7 +96,20 @@ static long inact = 0;		/* Days without change before locked */
 static int do_update_age = 0;

 #ifndef USE_PAM
-static char crypt_passwd[128];	/* The "old-style" password, if present */
+/*
+ * Size of the biggest passwd:
+ *   $6$	3
+ *   rounds=	7
+ *   999999999	9
+ *   $		1
+ *   salt	16
+ *   $		1
+ *   SHA512	123
+ *   nul	1
+ *
+ *   total	161
+ */
+static char crypt_passwd[256];
 static int do_update_pwd = 0;
 #endif