Re: Buffer Overrun / DOS in /bin/passwd (at least Redhat Linux 4.2)

Theo de Raadt (deraadt@CVS.OPENBSD.ORG)
Fri, 19 Dec 1997 15:08:27 -0700

In OpenBSD, we constrain the password line to be 1023 characters long
(_including_ expansion in the gecos field of all cases of '&' ->

Perhaps this strict constraint isn't the perfect solution to the
problem, but it sure has stopped a few root holes. One day we'll
rewrite it better: allow longer lengths, but check in lots of places.
(However a current benefit of this scheme is that the 1023 character
constraint also helps for the YP server case).

This solution saved us from the sendmail overflow in buildfname().