www.cendio.com
Bug 5658 - passwords are limited 2047 characters
: passwords are limited 2047 characters
Status: NEW
: ThinLinc
Web Access
: 4.3.0
: PC Unknown
: P2 Normal
: MediumPrio
Assigned To:
:
:
:
:
  Show dependency treegraph
 
Reported: 2015-09-28 09:59 by
Modified: 2018-07-11 10:54 (History)
Acceptance Criteria:


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From cendio 2015-09-28 09:59:33
Bug 5654 fixes a bug with dynamic allocation of password strings. However, if
passed password is >=511 characters the pamtester will hang. This hints about
some buffer constraint of 512 bytes which probably should be dynamic sized.
------- Comment #1 From cendio 2018-07-05 16:53:33 -------
Probably as part of bug 5086. The limit is now 1024 bytes. If that limit is
reached the tl-pamapp doesn't hang and the response is truncated.
------- Comment #2 From cendio 2018-07-05 16:53:49 -------
(In reply to comment #1)
> Probably as part of bug 5086. The limit is now 1024 bytes. If that limit is
> reached the tl-pamapp doesn't hang and the response is truncated.

Probably fixed as part of*
------- Comment #3 From cendio 2018-07-11 10:54:24 -------
It seems we don't flush the rest of the line though, meaning we will leak the
rest of it to whatever PAM prompt comes next. So it looks like we still have
issues here.

(and the buffer actually ended up being 2048 bytes, not 1024)