/*
- * $Id: afppasswd.c,v 1.11 2003-02-17 02:04:59 srittau Exp $
+ * $Id: afppasswd.c,v 1.11.6.1 2004-10-08 00:54:40 bfernhomberg Exp $
*
* Copyright 1999 (c) Adrian Sun (asun@u.washington.edu)
* All Rights Reserved. See COPYRIGHT.
while (fgets(buf, sizeof(buf), fp)) {
if ((p = strchr(buf, ':'))) {
/* check for a match */
- if (strncmp(buf, name, p - buf) == 0) {
+ if (strlen(name) == (p - buf) &&
+ strncmp(buf, name, p - buf) == 0) {
p++;
if (!(flags & OPT_ISROOT) && (*p == PASSWD_ILLEGAL)) {
fprintf(stderr, "Your password is disabled. Please see your administrator.\n");
/*
- * $Id: uams_randnum.c,v 1.12.6.3 2004-02-25 00:37:19 bfernhomberg Exp $
+ * $Id: uams_randnum.c,v 1.12.6.4 2004-10-08 00:54:40 bfernhomberg Exp $
*
* Copyright (c) 1990,1993 Regents of The University of Michigan.
* Copyright (c) 1999 Adrian Sun (asun@u.washington.edu)
memset(buf, 0, sizeof(buf));
while (fgets(buf, sizeof(buf), fp)) {
if ((p = strchr(buf, ':'))) {
- if (strncmp(buf, pwd->pw_name, p - buf) == 0) {
+ if ( strlen(pwd->pw_name) == (p - buf) &&
+ strncmp(buf, pwd->pw_name, p - buf) == 0) {
p++;
if (*p == PASSWD_ILLEGAL) {
LOG(log_info, logtype_uams, "invalid password entry for %s", pwd->pw_name);