21 lines
488 B
Diff
21 lines
488 B
Diff
--- crypto/openssh/auth-passwd.c.orig
|
|
+++ crypto/openssh/auth-passwd.c
|
|
@@ -66,6 +66,8 @@
|
|
#define DAY (24L * 60 * 60) /* 1 day in seconds */
|
|
#define TWO_WEEKS (2L * 7 * DAY) /* 2 weeks in seconds */
|
|
|
|
+#define MAX_PASSWORD_LEN 1024
|
|
+
|
|
void
|
|
disable_forwarding(void)
|
|
{
|
|
@@ -87,6 +89,9 @@
|
|
static int expire_checked = 0;
|
|
#endif
|
|
|
|
+ if (strlen(password) > MAX_PASSWORD_LEN)
|
|
+ return 0;
|
|
+
|
|
#ifndef HAVE_CYGWIN
|
|
if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
|
|
ok = 0;
|