You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
$ passwd
../../src/passwd.c:393:6: runtime error: signed integer overflow: 9223372036854775807 * 86400 cannot be represented in type 'long int'
Run expiry as user2
$ expiry -c
../../lib/isexpired.c:97:28: runtime error: signed integer overflow: 9223372036854775807 + 10 cannot be represented in type 'long int'
Run expiry as user3
$ expiry -c
../../lib/age.c:165:25: runtime error: signed integer overflow: 9223372036854775807 + 99999 cannot be represented in type 'long int'
../../lib/isexpired.c:75:32: runtime error: signed integer overflow: 9223372036854775807 + 99999 cannot be represented in type 'long int'
Run expiry as user4
$ expiry -c
../../lib/age.c:165:25: runtime error: signed integer overflow: 123 + 9223372036854775807 cannot be represented in type 'long int'
../../lib/age.c:165:9: runtime error: signed integer overflow: -9223372036854775686 - 19709 cannot be represented in type 'long int'
../../lib/isexpired.c:75:32: runtime error: signed integer overflow: 123 + 9223372036854775807 cannot be represented in type 'long int'
The user1 password change should not be allowed because the minimum wait time since last change (in the future) is not reached yet.
The text was updated successfully, but these errors were encountered:
The day processing within shadow is prone to signed integer overflows, leading to undefined behavior with very large numbers.
See #876 for a possible solution.
Proof of Concept (for 64 bit systems):
sgetspent
implementation which gets long parsing right (glibc does not)The user1 password change should not be allowed because the minimum wait time since last change (in the future) is not reached yet.
The text was updated successfully, but these errors were encountered: