[sudo-commits] sudo changeset 12157:4830bdf1a683

Todd C. Miller Todd.Miller at sudo.ws
Thu Jan 30 10:20:24 MST 2020

changeset:	12157:4830bdf1a683 in /raid/repos/sudo
details:	https://www.sudo.ws/repos/sudo/rev/4830bdf1a683
user:		Todd C. Miller <Todd.Miller at sudo.ws>
date:		Wed Jan 29 20:15:21 2020 -0700

Log Message:
	Fix a buffer overflow when pwfeedback is enabled and input is a not a tty.
	In getln() if the user enters ^U (erase line) and the write(2) fails,
	the remaining buffer size is reset but the current pointer is not.
	While here, fix an incorrect break for erase when write(2) fails.
	Also disable pwfeedback when input is not a tty as it cannot work.
	Credit: Joe Vennix from Apple Information Security.


 src/tgetpass.c |  20 ++++++++++++--------
 1 files changed, 12 insertions(+), 8 deletions(-)

More information about the sudo-commits mailing list