Message-ID: <20040228145434.2e60b8cd.timothy.demulder@tiscali.be>
From: timothy.demulder at tiscali.be (Timothy Demulder)
Subject: LOL, stupid calife maintainer - this can't be true
On Sat, 28 Feb 2004 14:18:20 +0100
"DownBload / Illegal Instruction Labs" <downbload@...mail.com> wrote:
> This can't be true...
...
> Vulnerable code ("glibc problem" ;-) ->
> /root/calife-2.8.4c/db.c
> ------------------------
> ...
> char got_pass = 0;
> char * pt_pass, * pt_enc,
> * user_pass, * enc_pass, salt [10];
>
> user_pass = (char *) xalloc (l_size);
> enc_pass = (char *) xalloc (l_size);
> ...
> for ( i = 0; i < 3; i ++ )
> {
> pt_pass = (char *) getpass ("Password:");
> memset (user_pass, '\0', l_size);
> strcpy (user_pass, pt_pass); // <- BAD CODE
> pt_enc = (char *) crypt (user_pass, calife->pw_passwd);
> memset (enc_pass, '\0', l_size);
> strcpy (enc_pass, pt_enc);
> }
> ...
> free (user_pass); // <- FUN CODE ;-)
> free (enc_pass); // <- FUN CODE ;-)
> ...
It's just plain sad, there should be capital punishment for people
who code like this.
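
An added example, not part of either message and not calife's own code: a bounded form of the copy that the quoted loop performs with strcpy(), which refuses input that does not fit the l_size buffer and wipes the buffer before free(). The names copy_secret, wipe and try_password are hypothetical, and the hashing step is left to the caller.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Wipe a secret through a volatile pointer so the stores are not optimised away. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

/*
 * Bounded replacement for the strcpy() calls in the quoted loop.
 * dst_size is the full capacity of dst, terminator included.
 * Returns 0 on success, -1 if src does not fit. Over-long input is rejected
 * rather than truncated, because a truncated copy would be hashed as a
 * different password.
 */
int copy_secret(char *dst, size_t dst_size, const char *src)
{
    const char *nul;

    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    memset(dst, '\0', dst_size);
    nul = memchr(src, '\0', dst_size);   /* look for the end within capacity */
    if (nul == NULL)
        return -1;                       /* no terminator in range: refuse */
    memcpy(dst, src, (size_t)(nul - src));
    return 0;
}

/* Hypothetical driver: typed stands in for the getpass() result in the quote. */
int try_password(const char *typed, size_t l_size)
{
    char *user_pass = malloc(l_size);
    int rc;

    if (user_pass == NULL)
        return -1;
    rc = copy_secret(user_pass, l_size, typed);
    /* on rc == 0 the caller would hash user_pass here */
    wipe(user_pass, l_size);             /* clear the secret before release */
    free(user_pass);
    return rc;
}
```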