[Dovecot] Patch: fix $-terminated MCF
Timo Sirainen
tss at iki.fi
Sat Jul 31 12:32:03 EEST 2004
On Sat, 2004-07-31 at 19:01 +1000, Joshua Goodall wrote:
> p/t_strdup_until wasn't returning a terminated string:
> mem = p_malloc(pool, size + 1);
> memcpy(mem, start, size);
> + mem[size] = '\0';
> return mem;
It does, because p_malloc() always allocates zero-filled memory area. Or
doesn't it in some conditions?
> Noticed while testing $-terminated modular crypt strings, because
> I didn't (and still don't) understand the reason for line 65 of
> password-scheme.c;
> ...
> /* stop at next '$' */
> p = strchr(p+3, '$');
> if (p != NULL)
> *password = t_strdup_until(*password, p);
> ...
> and I have ln -s 'J' /etc/malloc.conf on freebsd 5-current, so
> malloc'd memory isn't zeroed, causing a segfault.
Shouldn't segfault there.. t_strdup_until() anyway doesn't ever even
reach to \0 character. Or where exactly does it crash?
> Is there some system that appends dollar signs to MCF formats?
> The commit message for r1.3 of password-scheme.c doesn't explain.
Well .. I don't have any MD5 passwords now so I'm not exatly sure if
it's doing right. The code looks like it's expecting a string "$1$salt
$password$" and it returns "$1$salt$password".
password_generate_md5_crypt() seems to be able to deal with it.
Linux's crypt(3) man page says glibc adds the $ in the end.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://dovecot.org/pipermail/dovecot/attachments/20040731/71ad9a45/attachment-0001.bin>
More information about the dovecot
mailing list