[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 0/1] Add missing null checks in libshouldbeinlibc
From: |
James Clarke |
Subject: |
[PATCH 0/1] Add missing null checks in libshouldbeinlibc |
Date: |
Tue, 29 Sep 2015 18:06:45 +0100 |
This stops /bin/login segfaulting when giving it a bad UID. However, the fact
that the UID does not exist is still leaked, since
libshouldbeinlibc/idvec-verify.c:verify_id falls back on asking for the root
password, and indicates this by changing the prompt to "Password for root".
James Clarke (1):
Add missing null checks in libshouldbeinlibc
libshouldbeinlibc/idvec-rep.c | 4 ++--
libshouldbeinlibc/idvec-verify.c | 7 ++++---
2 files changed, 6 insertions(+), 5 deletions(-)
--
2.5.3