22 May
2004
22 May
'04
6:18 a.m.
On Tue, 2004-05-18 at 17:20, Johannes Berg wrote:
That doesn't look very good code .. Looks like if it was possible for user to set wanted seed there would be several buffer overflows. But I guess normally it's not?
I'm not sure I understand you. opiepasswd allows you to set the seed when changing your otp settings. I guess I'll need to look at the code, though I'm not really a C wizard nor very knowledgeable about insecure C code. Can you explain further what possible problems you see?
opiepasswd checks that the seed is valid size so it's kind of safe, but if you were able to directly modify the database and add a larger seed than normally allowed, the password verifying code could overflow some buffers.