Hi everyone,
when logging into RT having czech keyboard accidentaly set, wide
characters may be accidentally supplied to the password routine. (Czech
keyboard have letters with wedges in the same row as numbers).
This causes error shown in attached page, revealing password to
bystanders as well as needlessly showing RT path.
I am providing a quick patch that catches the exception generated by
crypt and makes RT behave like ordinary bad password was provided.
Martin
Mgr. Martin Drasar drasar@ics.muni.cz
Network Security Department http://ics.muni.cz/
CSIRT-MU CSIRT-MU
Institute of Computer Science, Masaryk University, Brno, Czech Republic
PGP Key ID: 0x944BC925
wide_char_err.patch (1015 Bytes)
wide_char_err.htm (7.2 KB)