An initial analysis of the discovered Unix V4 tape
https://news.ycombinator.com/item?id=46367744
Unix v4 (1973) – Live Terminal
+ register int i;
q = password;
- while((*q = getchar()) != '\n')
+ i = 0;
+ while((*q = getchar()) != '\n') {
+ if (++i >= sizeof(password))
+ goto error;
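Review bot: in `while((*q = getchar()) != '\n') {` the byte is stored through q before `if (++i >= sizeof(password))` runs, so the write stays in bounds only because i and q advance in lockstep. Testing the limit before the store, for instance in the loop condition, removes that dependency. The loop also compares the result of getchar() only against '\n', so at end of input it terminates solely through the new length check. An explicit end-of-input test would make that exit deliberate.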
You don't actually need i here. i is the same as (q - password). It would be idiomatic C to simply rewrite the loop condition as: while (q < password+sizeof(password) && (*q = getchar()) != '\n'). To preserve your "goto error;" part, maybe you could do the overflow check when null terminating outside the loop.
extern fin;
if(getpw(0, pwbuf))
goto badpw;
(&fin)[1] = 0;
I took a different tack. The buffer was allocated with malloc. When a string was larger, it was realloced to a larger size. This worked until memory was exhausted, and then the program quit.
It was actually less code to implement than having a fixed size buffer.
Ditto for the other compilation limits, such as length of a line. The only limit was running out of memory.
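The two approaches discussed in the thread so far, side by side, as an added example in C (not code from the thread or from the Unix V4 source): `read_bounded` puts the limit in the loop condition and detects overflow after the loop, and `read_growing` reallocates as the line grows. The function names, the 16-byte starting capacity and the sample input are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
/* Fixed buffer: bound in the loop condition, overflow checked after the loop. */
static int read_bounded(FILE *in, char *buf, size_t size)
{
    char *q = buf, *end = buf + size;
    int c = EOF;
    while (q < end && (c = getc(in)) != EOF && c != '\n')
        *q++ = (char)c;
    if (q == end || c != '\n')   /* no room for the NUL, or EOF before newline */
        return -1;
    *q = '\0';
    return (int)(q - buf);
}

/* Growing buffer: doubles when full; NULL on EOF or allocation failure. */
static char *read_growing(FILE *in)
{
    size_t cap = 16, len = 0;
    char *buf = malloc(cap), *tmp;
    int c = EOF;
    while (buf != NULL && (c = getc(in)) != EOF && c != '\n') {
        if (len + 1 == cap) {    /* keep one byte for the NUL */
            if ((tmp = realloc(buf, cap *= 2)) == NULL)
                break;
            buf = tmp;
        }
        buf[len++] = (char)c;
    }
    if (buf == NULL || c != '\n') {
        free(buf);
        return NULL;
    }
    buf[len] = '\0';
    return buf;
}

int main(void)
{
    char pw[8], *line;
    FILE *f = tmpfile();         /* constructed sample input */
    if (f == NULL) return 1;
    fputs("secret\nmuch-too-long-input\n", f);
    rewind(f);
    printf("%d\n", read_bounded(f, pw, sizeof pw));
    line = read_growing(f);
    printf("%s\n", line ? line : "(null)");
    free(line);
    return 0;
}
```

When `read_bounded` returns -1 for an over-long line, the rest of that line is still unread in the stream, so a caller has to discard it or stop before reading anything else.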
If so, could you type the same password that’s exactly 100 bytes twice and then hit enter to gain root? With only clobbering one additional byte, of ttybuf?
Edit: no, silly, password is overwritten with its hash before the comparison.
ttybuf[2] =& ~010;
Which is another bug.
# ... sound of crickets ...
Wanna see me do it again?