|
|
9b7f02 |
diff -up shadow-4.1.5.1/src/usermod.c.passwd shadow-4.1.5.1/src/usermod.c
|
|
|
9b7f02 |
--- shadow-4.1.5.1/src/usermod.c.passwd 2015-12-17 14:05:47.959743073 +0100
|
|
|
9b7f02 |
+++ shadow-4.1.5.1/src/usermod.c 2015-12-18 12:42:28.290405529 +0100
|
|
|
9b7f02 |
@@ -360,14 +360,17 @@ static char *new_pw_passwd (char *pw_pas
|
|
|
9b7f02 |
strcat (buf, pw_pass);
|
|
|
9b7f02 |
pw_pass = buf;
|
|
|
9b7f02 |
} else if (Uflg && pw_pass[0] == '!') {
|
|
|
9b7f02 |
- char *s;
|
|
|
9b7f02 |
+ char *s = pw_pass;
|
|
|
9b7f02 |
|
|
|
9b7f02 |
- if (pw_pass[1] == '\0') {
|
|
|
9b7f02 |
+ while ('!' == *s)
|
|
|
9b7f02 |
+ ++s;
|
|
|
9b7f02 |
+
|
|
|
9b7f02 |
+ if (*s == '\0') {
|
|
|
9b7f02 |
fprintf (stderr,
|
|
|
9b7f02 |
_("%s: unlocking the user's password would result in a passwordless account.\n"
|
|
|
9b7f02 |
"You should set a password with usermod -p to unlock this user's password.\n"),
|
|
|
9b7f02 |
Prog);
|
|
|
9b7f02 |
- return pw_pass;
|
|
|
9b7f02 |
+ return NULL;
|
|
|
9b7f02 |
}
|
|
|
9b7f02 |
|
|
|
9b7f02 |
#ifdef WITH_AUDIT
|
|
|
9b7f02 |
@@ -376,12 +379,15 @@ static char *new_pw_passwd (char *pw_pas
|
|
|
9b7f02 |
user_newname, (unsigned int) user_newid, 1);
|
|
|
9b7f02 |
#endif
|
|
|
9b7f02 |
SYSLOG ((LOG_INFO, "unlock user '%s' password", user_newname));
|
|
|
9b7f02 |
- s = pw_pass;
|
|
|
9b7f02 |
- while ('\0' != *s) {
|
|
|
9b7f02 |
- *s = *(s + 1);
|
|
|
9b7f02 |
- s++;
|
|
|
9b7f02 |
- }
|
|
|
9b7f02 |
+ memmove (pw_pass, s, strlen (s) + 1);
|
|
|
9b7f02 |
} else if (pflg) {
|
|
|
9b7f02 |
+ if (strchr (user_pass, ':') != NULL) {
|
|
|
9b7f02 |
+ fprintf (stderr,
|
|
|
9b7f02 |
+ _("%s: The password field cannot contain a colon character.\n"),
|
|
|
9b7f02 |
+ Prog);
|
|
|
9b7f02 |
+ return NULL;
|
|
|
9b7f02 |
+
|
|
|
9b7f02 |
+ }
|
|
|
9b7f02 |
#ifdef WITH_AUDIT
|
|
|
9b7f02 |
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
|
|
9b7f02 |
"updating-password",
|
|
|
9b7f02 |
@@ -430,6 +436,8 @@ static void new_pwent (struct passwd *pw
|
|
|
9b7f02 |
if ( (!is_shadow_pwd)
|
|
|
9b7f02 |
|| (strcmp (pwent->pw_passwd, SHADOW_PASSWD_STRING) != 0)) {
|
|
|
9b7f02 |
pwent->pw_passwd = new_pw_passwd (pwent->pw_passwd);
|
|
|
9b7f02 |
+ if (pwent->pw_passwd == NULL)
|
|
|
9b7f02 |
+ fail_exit (E_PW_UPDATE);
|
|
|
9b7f02 |
}
|
|
|
9b7f02 |
|
|
|
9b7f02 |
if (uflg) {
|
|
|
9b7f02 |
@@ -544,6 +552,8 @@ static void new_spent (struct spwd *spen
|
|
|
9b7f02 |
* + aging has been requested
|
|
|
9b7f02 |
*/
|
|
|
9b7f02 |
spent->sp_pwdp = new_pw_passwd (spent->sp_pwdp);
|
|
|
9b7f02 |
+ if (spent->sp_pwdp == NULL)
|
|
|
9b7f02 |
+ fail_exit(E_PW_UPDATE);
|
|
|
9b7f02 |
|
|
|
9b7f02 |
if (pflg) {
|
|
|
9b7f02 |
spent->sp_lstchg = (long) time ((time_t *) 0) / SCALE;
|