Do not try to check presence of too short username in password.

author: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com> 2016-10-31 10:03:35 +0100
committer: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com> 2016-10-31 10:03:35 +0100
commit: 42dbacce20fb8e1628a2bb99517d4cccda1256a2 (patch)
tree: 92a420d22fb25ef7fba9dd6042b05093d8ac8710
parent: 60d4552013f84e7e7e423bf25b3be66a0802a4f4 (diff)
download: libpwquality-42dbacce20fb8e1628a2bb99517d4cccda1256a2.tar.gz
1 files changed, 9 insertions, 2 deletions
diff --git a/src/check.c b/src/check.c
index d1c59b7..0488029 100644
--- a/src/check.c
+++ b/src/check.c
@@ -22,6 +22,8 @@
 #endif
 #define MIN(_a, _b) (((_a) < (_b)) ? (_a) : (_b))
 
+#define PW_MIN_USERNAME_LEN_TO_CHECK 3
+
 /* Helper functions */
 
 /*
@@ -373,7 +375,12 @@ usercheck(pwquality_settings_t *pwq, const char *new,
           char *user)
 {
         char *f, *b;
-        int dist;
+        int dist, userlen = strlen(user);
+
+        /* No point to check for username in password in 1 or 2-char
+         * usernames; it will be contained one way or another anyway. */
+        if (userlen < PW_MIN_USERNAME_LEN_TO_CHECK)
+        	return 0;
 
         if (strstr(new, user) != NULL)
                 return 1;
@@ -385,7 +392,7 @@ usercheck(pwquality_settings_t *pwq, const char *new,
         /* now reverse the username, we can do that in place
                 as it is strdup-ed */
         f = user;
-        b = user + strlen(user) - 1;
+        b = user + userlen - 1;
         while (f < b) {
                 char c;
author	Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>	2016-10-31 10:03:35 +0100
committer	Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>	2016-10-31 10:03:35 +0100
commit	42dbacce20fb8e1628a2bb99517d4cccda1256a2 (patch)
tree	92a420d22fb25ef7fba9dd6042b05093d8ac8710
parent	60d4552013f84e7e7e423bf25b3be66a0802a4f4 (diff)
download	libpwquality-42dbacce20fb8e1628a2bb99517d4cccda1256a2.tar.gz