diff options
author | Karel Zak | 2018-12-11 14:20:19 +0100 |
---|---|---|
committer | Karel Zak | 2018-12-11 14:20:19 +0100 |
commit | 6245c26ad4e4a7cc97a209a6b237e8c4bd1706a4 (patch) | |
tree | 348470ebdf32e53c1606ab3b19a222773efbaabd /login-utils | |
parent | Merge branch 'fix-couple-warnings' of https://github.com/kerolasa/util-linux (diff) | |
download | kernel-qcow2-util-linux-6245c26ad4e4a7cc97a209a6b237e8c4bd1706a4.tar.gz kernel-qcow2-util-linux-6245c26ad4e4a7cc97a209a6b237e8c4bd1706a4.tar.xz kernel-qcow2-util-linux-6245c26ad4e4a7cc97a209a6b237e8c4bd1706a4.zip |
lslogins: make valid_pwd() more robust
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'login-utils')
-rw-r--r-- | login-utils/lslogins.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/login-utils/lslogins.c b/login-utils/lslogins.c index 280768e7a..cb03272b4 100644 --- a/login-utils/lslogins.c +++ b/login-utils/lslogins.c @@ -611,15 +611,21 @@ static const char *get_pwd_method(const char *str, const char **next, unsigned i #define is_valid_pwd_char(x) (isalnum((unsigned char) (x)) || (x) == '.' || (x) == '/') +/* + * This function do not accept empty passwords or locked accouns. + */ static int valid_pwd(const char *str) { const char *p = str; unsigned int sz = 0, n; + if (!str || !*str) + return 0; + /* $id$ */ if (get_pwd_method(str, &p, &sz) == NULL) return 0; - if (!*p) + if (!p || !*p) return 0; /* salt$ */ @@ -635,7 +641,7 @@ static int valid_pwd(const char *str) return 0; /* encrypted */ - for (n = 0; p && *p; p++, n++) { + for (n = 0; *p; p++, n++) { if (!is_valid_pwd_char(*p)) return 0; } |