From: hanjinpeng <hanjinpeng@kylinos.cn>
Date: Tue, 13 Aug 2024 16:56:10 +0000 (+0800)
Subject: Limit the maximum length of a password to 8 characters
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=refs%2Fpull%2F1762%2Fhead;p=tigervnc.git

Limit the maximum length of a password to 8 characters

Password should not be greater than 8 characters.
Because only 8 valid characters are used.
---

diff --git a/unix/vncpasswd/vncpasswd.cxx b/unix/vncpasswd/vncpasswd.cxx
index eb8ad037..b067719b 100644
--- a/unix/vncpasswd/vncpasswd.cxx
+++ b/unix/vncpasswd/vncpasswd.cxx
@@ -149,6 +149,11 @@ static std::vector<uint8_t> readpassword() {
       continue;
     }
 
+    if (first.size() > 8) {
+      fprintf(stderr,"Password should not be greater than 8 characters\nBecause only 8 valid characters are used - try again\n");
+      continue;
+    }
+
 #ifdef HAVE_PWQUALITY
     //the function return score of password quality
     int r = check_passwd_pwquality(passwd);