On Sat, 2004-07-31 at 19:01 +1000, Joshua Goodall wrote:
p/t_strdup_until wasn't returning a terminated string:
mem = p_malloc(pool, size + 1); memcpy(mem, start, size);
- mem[size] = '\0'; return mem;
It does, because p_malloc() always allocates zero-filled memory area. Or doesn't it in some conditions?
Noticed while testing $-terminated modular crypt strings, because I didn't (and still don't) understand the reason for line 65 of password-scheme.c; ... /* stop at next '$' */ p = strchr(p+3, '$'); if (p != NULL) *password = t_strdup_until(*password, p); ... and I have ln -s 'J' /etc/malloc.conf on freebsd 5-current, so malloc'd memory isn't zeroed, causing a segfault.
Shouldn't segfault there.. t_strdup_until() anyway doesn't ever even reach to \0 character. Or where exactly does it crash?
Is there some system that appends dollar signs to MCF formats? The commit message for r1.3 of password-scheme.c doesn't explain.
Well .. I don't have any MD5 passwords now so I'm not exatly sure if it's doing right. The code looks like it's expecting a string "$1$salt $password$" and it returns "$1$salt$password". password_generate_md5_crypt() seems to be able to deal with it.
Linux's crypt(3) man page says glibc adds the $ in the end.