morgan/systemd
1
0
Fork 0
mirror of https://github.com/morgan9e/systemd synced 2026-04-14 00:14:32 +09:00
Code Issues Packages Projects Releases Wiki Activity

ask-password-api: refuse control characters in passwords

Browse Source 
Just some extra safety
This commit is contained in:
Lennart Poettering
2025-02-05 09:39:09 +01:00
parent 104a6b8c39
commit 4ba044ebd0
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/shared/ask-password-api.c
View File

@@ -745,9 +745,8 @@ int ask_password_tty(
if (ttyfd >= 0)
(void) loop_write(ttyfd, NO_ECHO, SIZE_MAX);
} else if (p >= sizeof(passphrase)-1) {
/* Reached the size limit */
} else if (char_is_cc(c) || p >= sizeof(passphrase)-1) {
/* Don't accept control chars or overly long passphrases */
if (ttyfd >= 0)
(void) loop_write(ttyfd, "\a", 1);