From a817cff5a0f17c6a8b35013483a18c70acdfaa1c Mon Sep 17 00:00:00 2001
From: Matthieu Patou <mat+Informatique.Samba@matws.net>
Date: Sat, 11 Jul 2009 15:57:35 +0200
Subject: Fix broken password quality check

This fixes broken password tests when the passwords contain non ASCII characters
(e.g. accentuated chars like ('e, `e, ...)
---
 lib/util/genrand.c       | 3 ++-
 lib/util/tests/genrand.c | 2 ++
 2 files changed, 4 insertions(+), 1 deletion(-)

(limited to 'lib/util')

diff --git a/lib/util/genrand.c b/lib/util/genrand.c
index cd1823a9a0..c51f9384b8 100644
--- a/lib/util/genrand.c
+++ b/lib/util/genrand.c
@@ -294,6 +294,7 @@ _PUBLIC_ uint32_t generate_random(void)
 _PUBLIC_ bool check_password_quality(const char *s)
 {
 	int has_digit=0, has_capital=0, has_lower=0, has_special=0, has_high=0;
+	char* reals = s;
 	while (*s) {
 		if (isdigit((unsigned char)*s)) {
 			has_digit |= 1;
@@ -310,7 +311,7 @@ _PUBLIC_ bool check_password_quality(const char *s)
 	}
 
 	return ((has_digit + has_lower + has_capital + has_special) >= 3
-		|| (has_high > strlen(s)/2));
+		|| (has_high > strlen(reals)/2));
 }
 
 /**
diff --git a/lib/util/tests/genrand.c b/lib/util/tests/genrand.c
index 5fe229c089..20a20ac7fa 100644
--- a/lib/util/tests/genrand.c
+++ b/lib/util/tests/genrand.c
@@ -40,6 +40,8 @@ static bool test_check_password_quality(struct torture_context *tctx)
 	torture_assert(tctx, !check_password_quality("aaaaaaaaaaaa"), "same char password");
 	torture_assert(tctx, !check_password_quality("BLA"), "multiple upcases password");
 	torture_assert(tctx, !check_password_quality("123"), "digits only");
+	torture_assert(tctx, !check_password_quality("matthiéu"), "not enough high symbols");
+	torture_assert(tctx, check_password_quality("abcdééàçè"), "valid");
 	torture_assert(tctx, check_password_quality("A2e"), "valid");
 	torture_assert(tctx, check_password_quality("BA2eLi443"), "valid");
 	return true;
-- 
cgit 


From 5f8df164716a43bd9e6c22dfd1f066bf96ccf273 Mon Sep 17 00:00:00 2001
From: Slava Semushin <php-coder@altlinux.ru>
Date: Sat, 18 Jul 2009 16:28:53 +0700
Subject: lib/util/util_file.c(file_save): fixed file descriptor leak when
 read(2) fails.

Found by cppcheck:
[./lib/util/util_file.c:383]: (error) Resource leak: fd
---
 lib/util/util_file.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'lib/util')

diff --git a/lib/util/util_file.c b/lib/util/util_file.c
index 0275e78c54..7466004e5c 100644
--- a/lib/util/util_file.c
+++ b/lib/util/util_file.c
@@ -380,6 +380,7 @@ _PUBLIC_ bool file_save(const char *fname, const void *packet, size_t length)
 		return false;
 	}
 	if (write(fd, packet, length) != (size_t)length) {
+		close(fd);
 		return false;
 	}
 	close(fd);
-- 
cgit