diff options
| author | Alan DeKok <aland@freeradius.org> | 2016-12-01 18:21:24 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-12-01 18:21:24 -0500 |
| commit | 3a8d8f067e56d844be0df0ea024d6e5bca10481e (patch) | |
| tree | 276015358b8d1977b1f7860fb140ec4f1051dea6 | |
| parent | 1bff76afb3b893bb941762419daa2a14657c3b71 (diff) | |
| parent | ac2c16774be593ebaa769b09c95722d08216cb95 (diff) | |
| download | libpam-radius-auth-3a8d8f067e56d844be0df0ea024d6e5bca10481e.tar.gz libpam-radius-auth-3a8d8f067e56d844be0df0ea024d6e5bca10481e.zip | |
Merge pull request #26 from justinsg/master
Copy password to buffer before rounding length
| -rw-r--r-- | src/pam_radius_auth.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/pam_radius_auth.c b/src/pam_radius_auth.c index e9b3034..34b2a38 100644 --- a/src/pam_radius_auth.c +++ b/src/pam_radius_auth.c @@ -528,6 +528,9 @@ static void add_password(AUTH_HDR *request, unsigned char type, CONST char *pass length = MAXPASS; } + memcpy(hashed, password, length); + memset(hashed + length, 0, sizeof(hashed) - length); + if (length == 0) { length = AUTH_PASS_LEN; /* 0 maps to 16 */ } if ((length & (AUTH_PASS_LEN - 1)) != 0) { @@ -535,9 +538,6 @@ static void add_password(AUTH_HDR *request, unsigned char type, CONST char *pass length &= ~(AUTH_PASS_LEN - 1); /* chop it off */ } /* 16*N maps to itself */ - memcpy(hashed, password, length); - memset(hashed + length, 0, sizeof(hashed) - length); - attr = find_attribute(request, PW_PASSWORD); if (type == PW_PASSWORD) { |