diff options
| -rw-r--r-- | auth-passwd.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/auth-passwd.c b/auth-passwd.c index 530b5d4f7..996c2cf71 100644 --- a/auth-passwd.c +++ b/auth-passwd.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth-passwd.c,v 1.44 2014/07/15 15:54:14 millert Exp $ */ | 1 | /* $OpenBSD: auth-passwd.c,v 1.45 2016/07/21 01:39:35 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -66,6 +66,8 @@ extern login_cap_t *lc; | |||
| 66 | #define DAY (24L * 60 * 60) /* 1 day in seconds */ | 66 | #define DAY (24L * 60 * 60) /* 1 day in seconds */ |
| 67 | #define TWO_WEEKS (2L * 7 * DAY) /* 2 weeks in seconds */ | 67 | #define TWO_WEEKS (2L * 7 * DAY) /* 2 weeks in seconds */ |
| 68 | 68 | ||
| 69 | #define MAX_PASSWORD_LEN 1024 | ||
| 70 | |||
| 69 | void | 71 | void |
| 70 | disable_forwarding(void) | 72 | disable_forwarding(void) |
| 71 | { | 73 | { |
| @@ -87,6 +89,9 @@ auth_password(Authctxt *authctxt, const char *password) | |||
| 87 | static int expire_checked = 0; | 89 | static int expire_checked = 0; |
| 88 | #endif | 90 | #endif |
| 89 | 91 | ||
| 92 | if (strlen(password) > MAX_PASSWORD_LEN) | ||
| 93 | return 0; | ||
| 94 | |||
| 90 | #ifndef HAVE_CYGWIN | 95 | #ifndef HAVE_CYGWIN |
| 91 | if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES) | 96 | if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES) |
| 92 | ok = 0; | 97 | ok = 0; |