µTasker Forum

µTasker Forum => µTasker general => Topic started by: Chris87 on September 20, 2010, 03:58:40 PM

Title: fnCheckPass problem
Post by: Chris87 on September 20, 2010, 03:58:40 PM

Hi all

I was testing the function fnCheckPass in webutils.c when I found a problem with the lines:

Code: [Select]

   if ((ucCnt < 8 ) && (*ucNewInput != '&')) {     // if we quit because the end of the reference has been found, we check that also the new input has exactly the same length
        return 1;                                              // bad password!!
    }
    return 0;  
because if the new password (ucNewInput) matches only the first character and has added the '&' character as part of the word typed by the user, the algorithm returns 0, ignoring the length of the reference password (cReference).

The solution to the problem would be:

Code: [Select]

    if ((ucCnt < 8) && (*cReference != '&'))                   // if we quit because the end of the reference has been found,
    {                                                                    // we check that also the new input has exactly the same length
        return 1;                                                        // bad password!!
    }
    return 0;
Regards

Cristian

Title: Re: fnCheckPass problem
Post by: mark on September 20, 2010, 07:54:16 PM

Hi Cristian

Yes, this is a weakness in the release from the beginning of this year.

See this also: http://www.utasker.com/forum/index.php?topic=719.msg3820#msg3820
The solution there is integrated in the development version and also removes the restriction concerning the length of the string.

Regards

Mark