[Pkg-samba-maint] r1432 - trunk/samba/debian/patches
bubulle at alioth.debian.org
bubulle at alioth.debian.org
Wed May 30 21:17:02 UTC 2007
Author: bubulle
Date: 2007-05-30 21:17:02 +0000 (Wed, 30 May 2007)
New Revision: 1432
Added:
trunk/samba/debian/patches/hide_password_length.patch
Modified:
trunk/samba/debian/patches/series
Log:
Split out samba.patch again. One chunk is more or less identified while the
remaining one is still unknown
Added: trunk/samba/debian/patches/hide_password_length.patch
===================================================================
--- trunk/samba/debian/patches/hide_password_length.patch (rev 0)
+++ trunk/samba/debian/patches/hide_password_length.patch 2007-05-30 21:17:02 UTC (rev 1432)
@@ -0,0 +1,42 @@
+Goal: Seems to be meant to avoid one to guess the password's length
+ by how many Xs are left in the argv buffer
+
+Fixes: some paranoid coniderations?
+
+Status wrt upstream: Forwarded on 2007/05/30
+
+Author: Unknown
+
+Note:
+
+Index: samba-3.0.25a/source/client/smbmount.c
+===================================================================
+--- samba-3.0.25a.orig/source/client/smbmount.c 2007-05-26 07:45:39.744216228 +0200
++++ samba-3.0.25a/source/client/smbmount.c 2007-05-26 07:46:32.692638041 +0200
+@@ -768,7 +768,7 @@
+ *lp = 0;
+ pstrcpy(password,lp+1);
+ got_pass = True;
+- memset(strchr_m(opteq+1,'%')+1,'X',strlen(password));
++ memset(strchr_m(opteq+1,'%')+1,'\0',strlen(password));
+ }
+ if ((lp=strchr_m(username,'/'))) {
+ *lp = 0;
+@@ -778,7 +778,7 @@
+ !strcmp(opts, "password")) {
+ pstrcpy(password,opteq+1);
+ got_pass = True;
+- memset(opteq+1,'X',strlen(password));
++ memset(opteq+1,'\0',strlen(password));
+ } else if(!strcmp(opts, "credentials")) {
+ pstrcpy(credentials,opteq+1);
+ } else if(!strcmp(opts, "netbiosname")) {
+@@ -892,7 +892,7 @@
+ *p = 0;
+ pstrcpy(password,p+1);
+ got_pass = True;
+- memset(strchr_m(getenv("USER"),'%')+1,'X',strlen(password));
++ memset(strchr_m(getenv("USER"),'%')+1,'\0',strlen(password));
+ }
+ strupper_m(username);
+ }
Modified: trunk/samba/debian/patches/series
===================================================================
--- trunk/samba/debian/patches/series 2007-05-30 20:49:39 UTC (rev 1431)
+++ trunk/samba/debian/patches/series 2007-05-30 21:17:02 UTC (rev 1432)
@@ -7,6 +7,7 @@
non-linux-ports.patch
pam-examples.patch
README_nosmbldap-tools.patch
+hide_password_length.patch
samba.patch
no_smbmount_symlink.patch
smbclient-pager.patch
More information about the Pkg-samba-maint
mailing list