Warn about truncation also in the case when a single password is read using

[openssl.git] / apps / passwd.c

diff --git a/apps/passwd.c b/apps/passwd.c
index 0e5682d1d6ce2b8608b293b3f5fa3565ab34502e..5a7c99abd4dca0a011d4137107bd9a21e53ec378 100644 (file)
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -20,7 +20,7 @@
 # include <openssl/des.h>
 #endif
 #ifndef NO_APR1
-# include <openssl/des.h>
+# include <openssl/md5.h>
 #endif
 
 
@@ -54,6 +54,8 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
  * -reverse      - switch table columns
  */
 
+int MAIN(int, char **);
+
 int MAIN(int argc, char **argv)
        {
        int ret = 1;
@@ -194,7 +196,9 @@ int MAIN(int argc, char **argv)
        if (passwds == NULL)
                {
                /* no passwords on the command line */
-               passwd = passwd_malloc = Malloc(pw_maxlen + 1);
+#define PASSWD_MALLOC_SIZE (pw_maxlen + 2)
+               /* longer than necessary so that we can warn about truncation */
+               passwd = passwd_malloc = Malloc(PASSWD_MALLOC_SIZE);
                if (passwd_malloc == NULL)
                        goto err;
                }
@@ -206,7 +210,7 @@ int MAIN(int argc, char **argv)
                
                passwds = passwds_static;
                if (in == NULL)
-                       if (EVP_read_pw_string(passwd_malloc, pw_maxlen + 1, "Password: ", 0) != 0)
+                       if (EVP_read_pw_string(passwd_malloc, PASSWD_MALLOC_SIZE, "Password: ", 0) != 0)
                                goto err;
                passwds[0] = passwd_malloc;
                }
@@ -324,12 +328,12 @@ static char *apr1_crypt(const char *passwd, const char *salt)
 
                MD5_Init(&md2);
                MD5_Update(&md2, (i & 1) ? (unsigned char *) passwd : buf,
-                                (i & 1) ?               passwd_len : sizeof buf);
+                                (i & 1) ? passwd_len : sizeof buf);
                if (i % 3)
                        MD5_Update(&md2, salt_out, salt_len);
                if (i % 7)
                        MD5_Update(&md2, passwd, passwd_len);
-               MD5_Update(&md2, (i & 1) ?        buf : (unsigned char *) passwd,
+               MD5_Update(&md2, (i & 1) ? buf : (unsigned char *) passwd,
                                 (i & 1) ? sizeof buf : passwd_len);
                MD5_Final(buf, &md2);
                }