int sockfd = -1, retval;
response_header hdr;
- if (new_pwd == NULL || strlen(new_pwd) > SECURITY_SERVER_MAX_PASSWORD_LEN)
+ if (new_pwd == NULL || strlen(new_pwd) > SECURITY_SERVER_MAX_PASSWORD_LEN || strlen(new_pwd) == 0)
{
retval = SECURITY_SERVER_ERROR_INPUT_PARAM;
goto error;
int sockfd = -1, retval;
response_header hdr;
- if (new_pwd == NULL || strlen(new_pwd) > SECURITY_SERVER_MAX_PASSWORD_LEN)
+ if (new_pwd == NULL || strlen(new_pwd) > SECURITY_SERVER_MAX_PASSWORD_LEN || strlen(new_pwd) == 0)
{
retval = SECURITY_SERVER_ERROR_INPUT_PARAM;
goto error;
response_header hdr;
if (challenge == NULL || strlen(challenge) > SECURITY_SERVER_MAX_PASSWORD_LEN
- || current_attempt == NULL || max_attempts == NULL || valid_secs == NULL)
+ || strlen(challenge) == 0 || current_attempt == NULL
+ || max_attempts == NULL || valid_secs == NULL)
{
retval = SECURITY_SERVER_ERROR_INPUT_PARAM;
goto error;
/*! \brief indicating password retry timeout is not occurred yet */
#define SECURITY_SERVER_API_ERROR_PASSWORD_REUSED -20
-/*! \brief indicating password is empty */
-#define SECURITY_SERVER_API_ERROR_PASSWORD_EMPTY -21
-
/*! \brief indicating the error with unknown reason */
#define SECURITY_SERVER_API_ERROR_UNKNOWN -255
/** @}*/
}
goto error;
}
+ else if (new_pwd_len <= 0)
+ {
+ SECURE_SLOGE("Error: Password length too short: %d", new_pwd_len);
+ retval = send_generic_response(sockfd,
+ SECURITY_SERVER_MSG_TYPE_CHK_PWD_RESPONSE,
+ SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
+ if (retval != SECURITY_SERVER_SUCCESS)
+ {
+ SEC_SVR_ERR("Server ERROR: Cannot send generic response: %d", retval);
+ }
+ goto error;
+ }
/* Receive current password */
if (cur_pwd_len > 0)
}
goto error;
}
+ else if (new_pwd_len <= 0)
+ {
+ SECURE_SLOGE("Error: Password length too short: %d", new_pwd_len);
+ retval = send_generic_response(sockfd,
+ SECURITY_SERVER_MSG_TYPE_CHK_PWD_RESPONSE,
+ SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
+ if (retval != SECURITY_SERVER_SUCCESS)
+ {
+ SEC_SVR_ERR("Server ERROR: Cannot send generic response: %d", retval);
+ }
+ goto error;
+ }
/* Receive new password */
retval = TEMP_FAILURE_RETRY(read(sockfd, requested_new_pwd, new_pwd_len));