skx / pam_pwnd

A PAM module to test passwords against previous leaks at haveibeenpwned.com
https://blog.steve.fi/tags/haveibeenpwned/
BSD 2-Clause "Simplified" License

strcpy(rest, hash + 5) -> strncpy? #2

Closed AlexanderKurtz closed 6 years ago

AlexanderKurtz commented 6 years ago

https://github.com/skx/pam_pwnd/blob/6abe1caac275e289987384677ec9d7fec1bba827/pwn_chk.c#L54

It might be a good idea to replace this with strncpy() since the was_leaked() function never checks the string length of hash.
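The pattern the issue points at, shown as an added example rather than the project's own code: the suffix of a SHA-1 hex digest is copied into a fixed-size buffer, and the hardened form validates the input length before copying. It assumes the haveibeenpwned range-API layout the module works with (40 hex chars, 5-char prefix, 35-char suffix); the function names, buffer sizes and sample digest are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* Constructed example, not pam_pwnd's code. Assumes an uppercase SHA-1 hex
 * digest: the first 5 chars go to the range API, the remaining 35 are
 * compared against its response. */
#define SHA1_HEX_LEN 40
#define PREFIX_LEN   5
#define SUFFIX_LEN   (SHA1_HEX_LEN - PREFIX_LEN)

/* The pattern the issue describes: the suffix is copied with strcpy() and
 * nothing bounds strlen(hash), so an over-long input overruns `rest`. */
static void split_hash_unchecked(const char *hash,
                                 char prefix[PREFIX_LEN + 1],
                                 char rest[SUFFIX_LEN + 1])
{
    memcpy(prefix, hash, PREFIX_LEN);
    prefix[PREFIX_LEN] = '\0';
    strcpy(rest, hash + PREFIX_LEN);   /* no bound on the source length */
}

/* Hardened form: reject anything that is not exactly a 40-char hex digest,
 * then copy a fixed number of bytes and terminate explicitly. A bare
 * strncpy() alone would not NUL-terminate an over-long source, so the
 * length check is what actually makes the copy safe.
 * Returns 0 on success, -1 on malformed input. */
static int split_hash_checked(const char *hash,
                              char prefix[PREFIX_LEN + 1],
                              char rest[SUFFIX_LEN + 1])
{
    if (hash == NULL || strlen(hash) != SHA1_HEX_LEN)
        return -1;
    for (size_t i = 0; i < SHA1_HEX_LEN; i++)
        if (!isxdigit((unsigned char)hash[i]))
            return -1;
    memcpy(prefix, hash, PREFIX_LEN);
    prefix[PREFIX_LEN] = '\0';
    memcpy(rest, hash + PREFIX_LEN, SUFFIX_LEN);
    rest[SUFFIX_LEN] = '\0';
    return 0;
}

int main(void)
{
    char p[PREFIX_LEN + 1], r[SUFFIX_LEN + 1];
    /* constructed digest, not a real password hash */
    const char *h = "0123456789ABCDEF0123456789ABCDEF01234567";
    if (split_hash_checked(h, p, r) == 0)
        printf("prefix=%s suffix=%s\n", p, r);
    return 0;
}
```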

skx commented 6 years ago

That's a good catch, thank-you for reading the code so carefully.