Patch from vodz to cleanup libbb/obscure.c:password_check()
authorEric Andersen <andersen@codepoet.org>
Wed, 6 Aug 2003 08:33:08 +0000 (08:33 -0000)
committerEric Andersen <andersen@codepoet.org>
Wed, 6 Aug 2003 08:33:08 +0000 (08:33 -0000)
to not copy too much data.

libbb/obscure.c

index 537d4484f2678d10c45a720ff8c63ce2faa32823..aa15e409717f2fc40d423cf87fd9c5d080326b7a 100644 (file)
@@ -144,8 +144,8 @@ password_check(const char *old, const char *newval, const struct passwd *pwdp)
 
        msg = NULL;
        newmono = str_lower(bb_xstrdup(newval));
-       lenwrap = strlen(old) * 2 + 1;
-       wrapped = (char *) xmalloc(lenwrap);
+       lenwrap = strlen(old);
+       wrapped = (char *) xmalloc(lenwrap * 2 + 1);
        str_lower(strcpy(wrapped, old));
 
        if (palindrome(newmono))
@@ -164,7 +164,7 @@ password_check(const char *old, const char *newval, const struct passwd *pwdp)
        }
 
        bzero(newmono, strlen(newmono));
-       bzero(wrapped, lenwrap);
+       bzero(wrapped, lenwrap * 2);
        free(newmono);
        free(wrapped);