From 8a1b524d47835c4d50f3c4c3b7efdf8f70f985ad Mon Sep 17 00:00:00 2001
From: gord
Date: Sat, 27 Mar 1999 22:59:57 +0000
Subject: [PATCH] Fix brainos from misapplied patches. Add improved password checking.
---
 ChangeLog | 24 +++++++++++++++++--
 grub/asmstub.c | 6 ++---
 shared_src/char_io.c | 55 ++++++++++++++++++++++++++++++--------------
 shared_src/cmdline.c | 2 +-
 shared_src/shared.h | 5 +++-
 shared_src/stage2.c | 42 ++++++++++++++++++---------------
 6 files changed, 92 insertions(+), 42 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 3553bbfc6..a42f2d990 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,9 +1,29 @@
 1999-03-27 Gordon Matzigkeit
+ * grub/asmstub.c (checkkey): Fix unterminated comment.
+
+ * shared_src/char_io.c (grub_printf): Renamed from printf.
+ (grub_tolower): Renamed from tolower.
+ (grub_isspace): Renamed from isspace.
+ (grub_strncat): Renamed from strncat.
+ (grub_strstr): Renamed from strstr.
+ (grub_bcopy): Renamed from bcopy.
+ (grub_bzero): Renamed from bzero.
+
+ From Bradford Hovinen:
+ * shared_src/char_io.c (get_cmdline): Add new argument to hide
+ password entry.
+ (grub_strcmp): New function.
+ * shared_src/shared.h (get_cmdline): Fix declaration.
+ (grub_strcmp): Declare.
+ * shared_src/stage2.c (run_menu): Use get_cmdline with an
+ ECHO_CHAR of `*'. This protects against both brute-force and
+ sidelong-glance password cracking attempts.
+
 * grub/main.c (usage): Display defaults for stage2 options.
- * grub/asmstub.c [NO_REMAPPING_LIBC_FUNCTIONS]: Rename to
- WITHOUT_LIBC_STUBS.
+ * grub/asmstub.c [WITHOUT_LIBC_STUBS]: Renamed from
+ NO_REMAPPING_LIBC_FUNCTIONS.
 * grub/main.c: Likewise.
 * shared_src/shared.h: Likewise.
diff --git a/grub/asmstub.c b/grub/asmstub.c
index b29335078..171cc7ad7 100644
--- a/grub/asmstub.c
+++ b/grub/asmstub.c
@@ -143,7 +143,7 @@ grub_stage2 (void)
 /* Close off the file descriptors we used. */
 for (i = 0; i < NUM_DISKS; i ++)
 if (disks[i].flags)
- close ((FILE *) disks[i].flags);
+ close (disks[i].flags);
 /* Release memory. */
 free (disks);
@@ -356,7 +356,7 @@ checkkey (void)
 ungetch (c); /* FIXME: ncurses-1.9.9g ungetch is buggy. */
 return c;
 #else
- /* Just pretend they hit the space bar.
+ /* Just pretend they hit the space bar. */
 return ' ';
 #endif
 }
@@ -501,7 +501,7 @@ biosdisk (int subfunc, int drive, struct geometry *geometry,
 buf = (char *) (segment << 4);
 /* FIXME: handle EINTR */
- if (read (fd, buf, nsec * SECTOR_SIZE, fp) != nsec * SECTOR_SIZE)
+ if (read (fd, buf, nsec * SECTOR_SIZE) != nsec * SECTOR_SIZE)
 return -1;
 return 0;
 }
diff --git a/shared_src/char_io.c b/shared_src/char_io.c
index 7cf5ea843..226b7b93f 100644
--- a/shared_src/char_io.c
+++ b/shared_src/char_io.c
@@ -80,7 +80,7 @@ convert_to_ascii (char *buf, int c,...)
 void
-printf (char *format,...)
+grub_printf (char *format,...)
 {
 int *dataptr = (int *) &format;
 char c, *ptr, str[16];
@@ -137,20 +137,24 @@ init_page (void)
 at once. So, the whole screen is about 2000 characters, minus the PROMPT, and space for error and status lines, etc. MAXLEN must be at least 1, and PROMPT and CMDLINE must be valid strings (not NULL
- or zero-length). */
+ or zero-length).
+
+ If ECHO_CHAR is nonzero, echo it instead of the typed character. */
 int
-get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen)
+get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen,
+ int echo_char)
 {
 int ystart, yend, xend, lpos, c;
 int plen = 0;
 int llen = 0;
 /* nested function definition for code simplicity */
- static void cl_print (char *str)
+ static void cl_print (char *str, int echo_char)
 {
 while (*str != 0)
 {
- putchar (*(str++));
+ putchar (echo_char ? echo_char : *str);
+ str ++;
 if (++xend > 78)
 {
 xend = 0;
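Review bot: The comment added above get_cmdline (hunk @@ -137,20 +137,24 @@) should say that ECHO_CHAR only changes what cl_print draws: the typed text is still stored in CMDLINE in clear, and one echo character is drawn per typed character, so the length of the entry stays visible on screen. I would extend it to `If ECHO_CHAR is nonzero, echo it instead of the typed character; CMDLINE still receives the real text, so callers reading secrets must wipe it afterwards.` The nested `cl_print` parameter also shadows the new outer `echo_char` parameter; a different name there (for example `mask`) would make the call sites in the later hunks easier to read. get_cmdline's body continues outside this hunk.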
@@ -180,8 +184,8 @@ get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen)
 ystart = (getxy () & 0xff);
 yend = ystart;
 xend = 0;
- cl_print (prompt);
- cl_print (cmdline);
+ cl_print (prompt, 0);
+ cl_print (cmdline, echo_char);
 cl_setcpos ();
 }
@@ -324,7 +328,7 @@ get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen)
 cl_setcpos ();
 if (lpos != llen)
 {
- cl_print (cmdline + lpos);
+ cl_print (cmdline + lpos, echo_char);
 cl_setcpos ();
 }
 }
@@ -348,7 +352,7 @@ get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen)
 {
 lpos = 0;
 cl_setcpos ();
- cl_print (cmdline);
+ cl_print (cmdline, echo_char);
 cl_setcpos ();
 }
 }
@@ -360,7 +364,7 @@ get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen)
 {
 cmdline[lpos] = c;
 cmdline[lpos + 1] = 0;
- cl_print (cmdline + lpos);
+ cl_print (cmdline + lpos, echo_char);
 lpos ++;
 cl_setcpos ();
 }
@@ -371,7 +375,7 @@ get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen)
 cmdline[i + 1] = cmdline[i];
 cmdline[lpos] = c;
 cl_setcpos ();
- cl_print (cmdline + lpos);
+ cl_print (cmdline + lpos, echo_char);
 lpos++;
 cl_setcpos ();
 }
@@ -481,7 +485,7 @@ safe_parse_maxint (char **str_ptr, int *myint_ptr)
 int
-tolower (int c)
+grub_tolower (int c)
 {
 if (c >= 'A' && c <= 'Z')
 return (c + ('a' - 'A'));
@@ -492,7 +496,7 @@ tolower (int c)
 int
-isspace (int c)
+grub_isspace (int c)
 {
 if (c == ' ' || c == '\t' || c == '\n')
 return 1;
@@ -502,7 +506,7 @@ isspace (int c)
 int
-strncat (char *s1, char *s2, int n)
+grub_strncat (char *s1, char *s2, int n)
 {
 int i = -1;
@@ -521,6 +525,23 @@ strncat (char *s1, char *s2, int n)
 }
+int
+grub_strcmp (char *s1, char *s2)
+{
+ while (*s1 || *s2)
+ {
+ if (*s1 < *s2)
+ return -1;
+ else if (*s1 > *s2)
+ return 1;
+ s1 ++;
+ s2 ++;
+ }
+
+ return 0;
+}
+
+
 int
 substring (char *s1, char *s2)
 {
@@ -542,7 +563,7 @@ substring (char *s1, char *s2)
 char *
-strstr (char *s1, char *s2)
+grub_strstr (char *s1, char *s2)
 {
 char *ptr, *tmp;
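Review bot: grub_strcmp (hunk @@ -521,6 +525,23 @@) compares plain `char` values, so the sign of its result for bytes above 0x7f depends on whether `char` is signed, whereas the libc strcmp it stands in for through the `#define strcmp grub_strcmp` added to shared.h orders bytes as unsigned char. Comparing through a cast, `if ((unsigned char) *s1 < (unsigned char) *s2)` and likewise for `>`, keeps the ordering well defined; only equality matters for the password check, so this mainly protects future callers. Neither argument is written through, so both parameters could be `const char *` (the shared.h declaration would change with it), and a comment such as `/* Compare S1 and S2; return -1, 0 or 1 in the manner of strcmp. */` above the function would document the return convention.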
@@ -586,7 +607,7 @@ memcheck (int start, int len)
 int
-bcopy (char *from, char *to, int len)
+grub_bcopy (char *from, char *to, int len)
 {
 if (memcheck ((int) to, len))
 {
@@ -614,7 +635,7 @@ bcopy (char *from, char *to, int len)
 int
-bzero (char *start, int len)
+grub_bzero (char *start, int len)
 {
 if (memcheck ((int) start, len))
 {
diff --git a/shared_src/cmdline.c b/shared_src/cmdline.c
index 910005dd8..5c59cc57c 100644
--- a/shared_src/cmdline.c
+++ b/shared_src/cmdline.c
@@ -224,7 +224,7 @@ returnit:
 print_error();
 }
- if (run_cmdline && get_cmdline(PACKAGE "> ", commands, cur_heap, 2048))
+ if (run_cmdline && get_cmdline (PACKAGE "> ", commands, cur_heap, 2048, 0))
 return 1;
 if (substring("boot", cur_heap) == 0 || (script && !*cur_heap))
diff --git a/shared_src/shared.h b/shared_src/shared.h
index 61c6bb15a..9c9b45870 100644
--- a/shared_src/shared.h
+++ b/shared_src/shared.h
@@ -212,6 +212,7 @@ extern char *grub_scratch_mem;
 #define putchar grub_putchar
 #define strncat grub_strncat
 #define strstr grub_strstr
+#define strcmp grub_strcmp
 #define tolower grub_tolower
 #endif /* WITHOUT_LIBC_STUBS */
@@ -454,12 +455,14 @@ int grub_strncat (char *s1, char *s2, int n);
 int grub_bcopy (char *from, char *to, int len);
 int grub_bzero (char *start, int len);
 char *grub_strstr (char *s1, char *s2);
+int grub_strcmp (char *s1, char *s2);
 /* misc */
 void init_page (void);
 void print_error (void);
 char *convert_to_ascii (char *buf, int c,...);
-int get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen);
+int get_cmdline (char *prompt, char *commands, char *cmdline,
+ int maxlen, int echo_char);
 int substring (char *s1, char *s2);
 int get_based_digit (int c, int base);
 int safe_parse_maxint (char **str_ptr, int *myint_ptr);
diff --git a/shared_src/stage2.c b/shared_src/stage2.c
index cd2798565..a072b82e4 100644
--- a/shared_src/stage2.c
+++ b/shared_src/stage2.c
@@ -314,24 +314,30 @@ restart:
 if (c == 'p')
 {
 /* Do password check here! */
- char *ptr = password;
- gotoxy(2, 22);
- printf("Entering password... ");
- do
+ char entered[32];
+ char *pptr = password;
+
+ gotoxy(1, 21);
+ get_cmdline (" Password: ", commands, entered, 31, '*');
+
+ while (! isspace (*pptr))
+ pptr ++;
+ if (! strcmp (password, entered))
 {
- if (isspace(*ptr))
- {
- char *new_file = config_file;
- while (isspace(*ptr)) ptr++;
- while ((*(new_file++) = *(ptr++)) != 0);
- return;
- }
- c = ASCII_CHAR(getkey());
+ char *new_file = config_file;
+ bzero (entered, sizeof (entered));
+ while (isspace (*pptr))
+ pptr ++;
+ while ((*(new_file ++) = *(pptr ++)) != 0);
+ return;
+ }
+ else
+ {
+ bzero (entered, sizeof (entered));
+ printf("Failed!\n Press any key to continue...");
+ getkey ();
+ goto restart;
 }
- while (*(ptr++) == c);
- printf("Failed!\n Press any key to continue...");
- getkey();
- goto restart;
 }
 }
 else
@@ -379,8 +385,8 @@ restart:
 saved_partition = install_partition;
 current_drive = 0xFF;
- if (!get_cmdline(PACKAGE " edit> ", commands, new_heap,
- NEW_HEAPSIZE + 1))
+ if (! get_cmdline(PACKAGE " edit> ", commands, new_heap,
+ NEW_HEAPSIZE + 1, 0))
 {
 int j = 0;
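Review bot: In the password block (hunk @@ -314,24 +314,30 @@) the scan `while (! isspace (*pptr)) pptr ++;` does not stop at the terminating NUL, since grub_isspace accepts only space, tab and newline, so a `password` value with no whitespace is read past its end. `strcmp (password, entered)` then compares the whole string, separator and file name included, because nothing ends the password field at `pptr`; unless `password` is split elsewhere, typing the configured password cannot match when a file name follows it. `entered` is also handed to get_cmdline uninitialized, although get_cmdline's comment requires CMDLINE to be a valid string and the code in the hunk at -180 appears to print it on entry. The fence bounds the scan, compares only the password field and restores the separator so that a retry through `goto restart` still finds the file name; it assumes the buffer behind `password` is writable. run_menu's body starts and ends outside the hunk.

```c
/* … unchanged: declarations of entered and pptr … */
char saved;
int matched;

/* get_cmdline expects CMDLINE to hold a valid string on entry. */
entered[0] = 0;
gotoxy(1, 21);
get_cmdline (" Password: ", commands, entered, 31, '*');

/* Compare only the password field, and stop at the terminator. */
while (*pptr && ! isspace (*pptr))
  pptr ++;
saved = *pptr;
*pptr = 0;
matched = ! strcmp (password, entered);
*pptr = saved;

if (matched)
  {
    /* … unchanged: wipe entered, copy the new config file name, return … */
```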