58 lines
1.7 KiB
Diff
58 lines
1.7 KiB
Diff
Index: shadow-4.5/src/usermod.c
|
|
===================================================================
|
|
--- a/src/usermod.c
|
|
+++ b/src/usermod.c
|
|
@@ -434,12 +434,17 @@ static char *new_pw_passwd (char *pw_pass)
|
|
strcat (buf, pw_pass);
|
|
pw_pass = buf;
|
|
} else if (Uflg && pw_pass[0] == '!') {
|
|
- if (pw_pass[1] == '\0') {
|
|
+ char *s = pw_pass;
|
|
+
|
|
+ while ('!' == *s)
|
|
+ ++s;
|
|
+
|
|
+ if (*s == '\0') {
|
|
fprintf (stderr,
|
|
_("%s: unlocking the user's password would result in a passwordless account.\n"
|
|
"You should set a password with usermod -p to unlock this user's password.\n"),
|
|
Prog);
|
|
- return pw_pass;
|
|
+ return NULL;
|
|
}
|
|
|
|
#ifdef WITH_AUDIT
|
|
@@ -449,6 +454,13 @@ static char *new_pw_passwd (char *pw_pass)
|
|
SYSLOG ((LOG_INFO, "unlock user '%s' password", user_newname));
|
|
memmove(pw_pass, pw_pass + 1, strlen(pw_pass));
|
|
} else if (pflg) {
|
|
+ if (strchr (user_pass, ':') != NULL) {
|
|
+ fprintf (stderr,
|
|
+ _("%s: The password field cannot contain a colon character.\n"),
|
|
+ Prog);
|
|
+ return NULL;
|
|
+
|
|
+ }
|
|
#ifdef WITH_AUDIT
|
|
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
|
"changing password", user_newname, user_newid, 1);
|
|
@@ -495,6 +507,8 @@ static void new_pwent (struct passwd *pwent)
|
|
if ( (!is_shadow_pwd)
|
|
|| (strcmp (pwent->pw_passwd, SHADOW_PASSWD_STRING) != 0)) {
|
|
pwent->pw_passwd = new_pw_passwd (pwent->pw_passwd);
|
|
+ if (pwent->pw_passwd == NULL)
|
|
+ fail_exit (E_PW_UPDATE);
|
|
}
|
|
|
|
if (uflg) {
|
|
@@ -611,6 +625,8 @@ static void new_spent (struct spwd *spent)
|
|
* + aging has been requested
|
|
*/
|
|
spent->sp_pwdp = new_pw_passwd (spent->sp_pwdp);
|
|
+ if (spent->sp_pwdp == NULL)
|
|
+ fail_exit(E_PW_UPDATE);
|
|
|
|
if (pflg) {
|
|
spent->sp_lstchg = gettime () / SCALE;
|
|
|