diff options
author | Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com> | 2016-10-31 10:03:35 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com> | 2016-10-31 10:03:35 +0100 |
commit | 42dbacce20fb8e1628a2bb99517d4cccda1256a2 (patch) | |
tree | 92a420d22fb25ef7fba9dd6042b05093d8ac8710 | |
parent | 60d4552013f84e7e7e423bf25b3be66a0802a4f4 (diff) | |
download | libpwquality-42dbacce20fb8e1628a2bb99517d4cccda1256a2.tar.gz |
Do not try to check presence of too short username in password.
-rw-r--r-- | src/check.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/src/check.c b/src/check.c index d1c59b7..0488029 100644 --- a/src/check.c +++ b/src/check.c @@ -22,6 +22,8 @@ #endif #define MIN(_a, _b) (((_a) < (_b)) ? (_a) : (_b)) +#define PW_MIN_USERNAME_LEN_TO_CHECK 3 + /* Helper functions */ /* @@ -373,7 +375,12 @@ usercheck(pwquality_settings_t *pwq, const char *new, char *user) { char *f, *b; - int dist; + int dist, userlen = strlen(user); + + /* No point to check for username in password in 1 or 2-char + * usernames; it will be contained one way or another anyway. */ + if (userlen < PW_MIN_USERNAME_LEN_TO_CHECK) + return 0; if (strstr(new, user) != NULL) return 1; @@ -385,7 +392,7 @@ usercheck(pwquality_settings_t *pwq, const char *new, /* now reverse the username, we can do that in place as it is strdup-ed */ f = user; - b = user + strlen(user) - 1; + b = user + userlen - 1; while (f < b) { char c; |