diff --git a/ChangeLog b/ChangeLog index 9f6f61e2..04472204 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4158,6 +4158,7 @@ v0.33.18 27-Jul-2001 The written door.sys file now has a : after the comport. Executing doors in nosuid mode (as real user) is now possible. The can be switched on using mbsetup. + Fixed security problem in Unix username and password entry. mbuseradd: Ported to work on FreeBSD. diff --git a/mbsebbs/funcs4.c b/mbsebbs/funcs4.c index 43d259f5..5c06cc69 100644 --- a/mbsebbs/funcs4.c +++ b/mbsebbs/funcs4.c @@ -2,7 +2,7 @@ * * File ..................: bbs/funcs4.c * Purpose ...............: Misc functions, also for some utils. - * Last modification date : 08-Aug-2001 + * Last modification date : 18-Oct-2001 * ***************************************************************************** * Copyright (C) 1997-2001 @@ -202,7 +202,7 @@ void GetstrU(char *sStr, int iMaxlen) putchar('\007'); } - if (ch > 32 && ch < 127) { + if (isalnum(ch)) { if (iPos <= iMaxlen) { iPos++; sprintf(sStr, "%s%c", sStr, ch); diff --git a/mbsebbs/funcs4.h b/mbsebbs/funcs4.h index fa1238d8..92f568d3 100644 --- a/mbsebbs/funcs4.h +++ b/mbsebbs/funcs4.h @@ -1,6 +1,7 @@ #ifndef _FUNCS4_H #define _FUNCS4_H + void UserSilent(int); /* Update users silent flag info */ int CheckStatus(void); /* Check BBS open status */ void GetstrU(char *, int); /* Get string, forbid spaces */ diff --git a/mbsebbs/pwcheck.c b/mbsebbs/pwcheck.c index 9fce8492..97163a52 100644 --- a/mbsebbs/pwcheck.c +++ b/mbsebbs/pwcheck.c @@ -2,13 +2,13 @@ * * File ..................: bbs/pwcheck.c * Purpose ...............: Password checking routines - * Last modification date : 08-Feb-1999 + * Last modification date : 18-Oct-2001 * ***************************************************************************** - * Copyright (C) 1997-1999 + * Copyright (C) 1997-2001 * - * Michiel Broek FIDO: 2:2801/16 - * Beekmansbos 10 Internet: mbroek@ux123.pttnwb.nl + * Michiel Broek FIDO: 2:280/2802 + * Beekmansbos 10 Internet: mbroek@users.sourceforge.net * 1971 BV IJmuiden * the Netherlands * @@ -44,7 +44,7 @@ * Open up /dev/tty to get the password from the user * because this is done in raw mode, it makes life a bit * more difficult. - * This function gets a password from a user, upto CFG.max_passlen set above + * This function gets a password from a user, upto Max_passlen */ int Getpass(char *theword) { @@ -69,37 +69,32 @@ int Getpass(char *theword) * Till the user presses ENTER or reaches the maximum length allowed */ while ((c != 13) && (counter < Max_passlen )) { + + fflush(stdout); c = Readkey(); /* Reads a character from the raw device */ if (((c == 8) || (c == KEY_DEL) || (c == 127)) && (counter != 0 )) { /* If its a BACKSPACE */ counter--; password[counter] = '\0'; printf("\x008 \x008"); - fflush(stdout); continue; } /* Backtrack to fix the BACKSPACE */ if (((c == 8) || (c == KEY_DEL) || (c == 127)) && (counter == 0) ) { printf("\x007"); - fflush(stdout); continue; } /* Don't Backtrack as we are at the begining of the passwd field */ - password[counter] = c; - counter++; - - if (c > 32 && c < 127) { /* If its a normal character, display a . */ + if (isalnum(c)) { + password[counter] = c; + counter++; printf("%c", CFG.iPasswd_Char); - fflush(stdout); } } Unsetraw(); /* Go normal */ close(ttyfd); - if (counter == Max_passlen) - password[counter] = '\0'; /* Make sure the string has a NULL at the end*/ - else - password[counter-1] ='\0'; + password[counter] = '\0'; /* Make sure the string has a NULL at the end*/ strcpy(theword,password); return(0);