Set minimum password length with 8 characters by default to protect
passwords vulnerable.
Signed-off-by: Namjae Jeon <linkinjeon@xxxxxxxxxx>
---
adduser/user_admin.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/adduser/user_admin.c b/adduser/user_admin.c
index 4e85915..36b9ad2 100644
--- a/adduser/user_admin.c
+++ b/adduser/user_admin.c
@@ -119,6 +119,11 @@ again:
goto again;
}
+ if (len <= 7) {
+ pr_err("Minimum password length is 8 characters\n");
+ goto again;
+ }
+
*sz = len;
free(pswd2);
return pswd1;
--
2.25.1
