Author: des
Date: Tue Nov 14 10:49:07 2017
New Revision: 325802
URL: https://svnweb.freebsd.org/changeset/base/325802

Log:
  MFH (r325010): don't bother verifying a password that we know is too long.
  
  Reported by:  jkim@
  Security:     CVE-2016-6210

Modified:
  stable/10/lib/libpam/modules/pam_unix/pam_unix.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/lib/libpam/modules/pam_unix/pam_unix.c
==============================================================================
--- stable/10/lib/libpam/modules/pam_unix/pam_unix.c    Tue Nov 14 10:48:30 
2017        (r325801)
+++ stable/10/lib/libpam/modules/pam_unix/pam_unix.c    Tue Nov 14 10:49:07 
2017        (r325802)
@@ -111,6 +111,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __un
                        if (!(flags & PAM_DISALLOW_NULL_AUTHTOK) &&
                            openpam_get_option(pamh, PAM_OPT_NULLOK))
                                return (PAM_SUCCESS);
+                       PAM_LOG("Password is empty, using fake password");
                        realpw = "*";
                }
                lc = login_getpwclass(pwd);
@@ -125,6 +126,10 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __un
        if (retval != PAM_SUCCESS)
                return (retval);
        PAM_LOG("Got password");
+       if (strnlen(pass, _PASSWORD_LEN + 1) > _PASSWORD_LEN) {
+               PAM_LOG("Password is too long, using fake password");
+               realpw = "*";
+       }
        if (strcmp(crypt(pass, realpw), realpw) == 0)
                return (PAM_SUCCESS);
 
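Review bot: The added length check swaps in the fake hash, but the oversized password is still handed to crypt() on the next line, and crypt(3) may return NULL on failure, which strcmp() would then dereference; the empty-password branch above takes the same comparison. Splitting the call so the result is checked first, `const char *hash = crypt(pass, realpw);` followed by `if (hash != NULL && strcmp(hash, realpw) == 0)`, would cover both paths. A one-line comment above the new `if`, such as `/* Do not spend time hashing oversized input (CVE-2016-6210); fall back to the fake hash. */`, would record why the cutoff is _PASSWORD_LEN. pam_sm_authenticate continues past the hunk, so how the failing case is reported is not visible here.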