authortrawick <trawick@13f79535-47bb-0310-9956-ffa450edef68>2004-11-30 14:41:31 +0000
committertrawick <trawick@13f79535-47bb-0310-9956-ffa450edef68>2004-11-30 14:41:31 +0000
commit9fb8875cd01836b446ae744064e96a9d0ae77a5e (patch)
tree117de12864859bdc97a6591353ac10cc46b6ba06
parent933e9dbcba38ef3e172edababdc87c4b8fdf9b6e (diff)
apr_password_get(): Fix the check for buffer overflow.
The input buffer had already been cleared by the time the length of the input buffer was checked, so overflow was never reported. Add a comment about the length checking to the docs. git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@107007 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r--CHANGES2
-rw-r--r--include/apr_lib.h2
-rw-r--r--passwd/apr_getpass.c10
3 files changed, 10 insertions, 4 deletions
diff --git a/CHANGES b/CHANGES
index 51f50e802..df451fd85 100644
--- a/CHANGES
+++ b/CHANGES
@@ -32,6 +32,8 @@ Changes for APR 1.1.0
Changes for APR 1.0.1
+ *) apr_password_get(): Fix the check for buffer overflow. [Jeff Trawick]
+
*) Fix HUP return codes in pollset when using KQueue.
[Paul Querna]
diff --git a/include/apr_lib.h b/include/apr_lib.h
index 18d83da09..bf34457e2 100644
--- a/include/apr_lib.h
+++ b/include/apr_lib.h
@@ -168,6 +168,8 @@ APR_DECLARE(int) apr_vformatter(int (*flush_func)(apr_vformatter_buff_t *b),
* @param prompt The prompt to display
* @param pwbuf Buffer to store the password
* @param bufsize The length of the password buffer.
+ * @remark If the password entered must be truncated to fit in
+ * the provided buffer, APR_ENAMETOOLONG will be returned.
*/
APR_DECLARE(apr_status_t) apr_password_get(const char *prompt, char *pwbuf,
apr_size_t *bufsize);
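Review bot: The new @remark says APR_ENAMETOOLONG is returned when the password must be truncated, but it does not say what pwbuf holds in that case. The apr_getpass.c hunk in this commit still runs `apr_cpystrn(pwbuf, pw_got, *bufsiz)` on that path, so the caller gets a truncated password together with the error status. I would extend the remark with something like `pwbuf then holds a truncated password and must not be used as the credential`, so that a caller does not hash or compare a shortened secret. The @param for bufsize could also state whether the pointed-to value is ever updated; the lines visible in the apr_getpass.c hunk only read it.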
diff --git a/passwd/apr_getpass.c b/passwd/apr_getpass.c
index 0da9ca426..f30896139 100644
--- a/passwd/apr_getpass.c
+++ b/passwd/apr_getpass.c
@@ -219,12 +219,14 @@ APR_DECLARE(apr_status_t) apr_password_get(const char *prompt, char *pwbuf, apr_
#else
char *pw_got = getpass(prompt);
#endif
+ apr_status_t rv = APR_SUCCESS;
+
if (!pw_got)
return APR_EINVAL;
- apr_cpystrn(pwbuf, pw_got, *bufsiz);
- memset(pw_got, 0, strlen(pw_got));
if (strlen(pw_got) >= *bufsiz) {
- return APR_ENAMETOOLONG;
+ rv = APR_ENAMETOOLONG;
}
- return APR_SUCCESS;
+ apr_cpystrn(pwbuf, pw_got, *bufsiz);
+ memset(pw_got, 0, strlen(pw_got));
+ return rv;
}
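Review bot: The ordering this fix depends on (length check first, scrub last) is not recorded in the code, and `strlen(pw_got)` is still evaluated separately for the check and for the `memset`. Taking the length once with `apr_size_t len = strlen(pw_got);`, then using `if (len >= *bufsiz)` and `memset(pw_got, 0, len);`, makes the overflow check independent of when the buffer is cleared. A short comment such as `/* measure before pw_got is scrubbed below */` would help keep the original bug from being reintroduced. The start of apr_password_get() is outside this hunk, so this covers only the tail shown here.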