summaryrefslogtreecommitdiffstats
path: root/src/tools/sss_seed.c
diff options
context:
space:
mode:
authorMichal Zidek <mzidek@redhat.com>2012-10-02 15:06:53 +0200
committerJakub Hrozek <jhrozek@redhat.com>2012-10-03 20:25:09 +0200
commitf0f2ac9ee5a0b83806899cc3636941acb87bbccf (patch)
tree0d694345fe8c8f3adede1b234232b18c932a8714 /src/tools/sss_seed.c
parent2be3f0fb6f38042386975111a1e86e7b5850ac85 (diff)
downloadsssd-f0f2ac9ee5a0b83806899cc3636941acb87bbccf.tar.gz
sssd-f0f2ac9ee5a0b83806899cc3636941acb87bbccf.tar.xz
sssd-f0f2ac9ee5a0b83806899cc3636941acb87bbccf.zip
sss_seed: Passwords longer then PASS_MAX not allowed.
sss_seed fails if password file specified with -p or --password-file option contains password longer than PASS_MAX. Man pages inform about PASS_MAX limitation.
Diffstat (limited to 'src/tools/sss_seed.c')
-rw-r--r--src/tools/sss_seed.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/src/tools/sss_seed.c b/src/tools/sss_seed.c
index 9b8f69b12..9b1471d7c 100644
--- a/src/tools/sss_seed.c
+++ b/src/tools/sss_seed.c
@@ -263,7 +263,7 @@ static int seed_password_input_file(TALLOC_CTX *mem_ctx,
}
errno = 0;
- len = sss_atomic_read_s(fd, buf, PASS_MAX);
+ len = sss_atomic_read_s(fd, buf, PASS_MAX + 1);
if (len == -1) {
ret = errno;
DEBUG(SSSDBG_MINOR_FAILURE, ("Failed to read password from file "
@@ -274,6 +274,13 @@ static int seed_password_input_file(TALLOC_CTX *mem_ctx,
}
close(fd);
+
+ if (len > PASS_MAX) {
+ ERROR("Password file too big.\n");
+ ret = EINVAL;
+ goto done;
+ }
+
buf[len] = '\0';
/* Only the first line is valid (without '\n'). */