fedora 23
misc weakness #264

Weakness Breakdown
Definition:

The software specifies permissions for a security-critical resource in a way that allows the resource to be read or modified by unintended actors.

Warning code(s):

This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data.

File Name:

cadaver-0.23.3/lib/getpass.c

Context:

The highlighted line of code below is the trigger point of this particular Fedora 23 misc weakness.

  static struct termios termb;
  static tcflag_t flags;
#else
#if defined(HAVE_TERMIO_H)
  static struct termio termb;
  static unsigned short flags;
#else
#if defined(HAVE_STTY)
  static struct sgttyb ttyb;
  static int flags;
#endif
#endif
#endif

void static save_tty_state(void);
void static disable_tty_echo(void);
void static restore_tty_state(void);
static RETSIGTYPE sigint_handler(int);

char *fm_getpassword(const char *prompt)
{
#if !(defined(HAVE_TCSETATTR) || defined(HAVE_TERMIO_H) || defined(HAVE_STTY))
#if defined(HAVE_GETPASS)
    char *getpass();
    /* flagged call: getpass() is obsolete (removed by POSIX.2) and its
       prompt/input behaviour is not portable across systems */
    return getpass(prompt);
#else
    fputs(_("ERROR: no support for getpassword() routine\n"),stderr);
    exit(1);
#endif
#else
    register char *p;
    register int c;
    FILE *fi;
    static char pbuf[INPUT_BUF_SIZE];
    RETSIGTYPE (*sig)(int) = 0;	/* initialization pacifies -Wall */
    RETSIGTYPE sigint_handler(int);
    char *ret;

    int istty = isatty(0);

    /* get the file descriptor for the actual input device if it's a tty */
    if (istty)
    {
	if ((fi = fdopen(open("/dev/tty", 2), "r")) == NULL)
	    fi = stdin;
	else
	    setbuf(fi, (char *)NULL);
    }
    else
	fi = stdin;
