1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
|
From b3a21a4a6d7af3dc14417c89ec2ef2732a24939b Mon Sep 17 00:00:00 2001
From: Rolf Eike Beer <eike@sf-mail.de>
Date: Sat, 26 Oct 2019 18:14:13 +0200
Subject: [PATCH 1/2] check crypt() return value for NULL
Passing NULL to strcmp() would lead to a crash otherwise.
---
vcdb.c | 7 ++++++-
vchkpw.c | 11 +++++++++--
vldap.c | 8 +++++++-
vmysql.c | 8 +++++++-
vpgsql.c | 8 +++++++-
vsybase.c | 8 +++++++-
6 files changed, 43 insertions(+), 7 deletions(-)
diff --git a/vcdb.c b/vcdb.c
index 55c1cb5..1bf9cd8 100644
--- a/vcdb.c
+++ b/vcdb.c
@@ -1160,7 +1160,12 @@ void vcdb_strip_char( char *instr )
int vauth_crypt(char *user,char *domain,char *clear_pass,struct vqpasswd *vpw)
{
+ const char *c;
if ( vpw == NULL ) return(-1);
- return(strcmp(crypt(clear_pass,vpw->pw_passwd),vpw->pw_passwd));
+ c = crypt(clear_pass,vpw->pw_passwd);
+
+ if ( c == NULL ) return(-1);
+
+ return(strcmp(c,vpw->pw_passwd));
}
diff --git a/vchkpw.c b/vchkpw.c
index d7d4351..a7c4b9e 100644
--- a/vchkpw.c
+++ b/vchkpw.c
@@ -607,6 +607,7 @@ void login_system_user()
struct spwd *spw;
#endif
struct passwd *pw;
+ const char *c;
if ((pw=getpwnam(TheUser)) == NULL ) {
snprintf(LogLine, sizeof(LogLine), "%s: system user not found %s:%s",
@@ -626,9 +627,15 @@ void login_system_user()
vchkpw_exit(22);
}
- if ( strcmp(crypt(ThePass,spw->sp_pwdp),spw->sp_pwdp) != 0 ) {
+ c = crypt(ThePass,spw->sp_pwdp);
+
+ if ( c == NULL ) vchkpw_exit(24);
+ if ( strcmp(c,spw->sp_pwdp) != 0 ) {
#else
- if ( strcmp(crypt(ThePass,pw->pw_passwd),pw->pw_passwd) != 0 ) {
+ c = crypt(ThePass,pw->pw_passwd);
+
+ if ( c == NULL ) vchkpw_exit(24);
+ if ( strcmp(c,pw->pw_passwd) != 0 ) {
#endif
if (ENABLE_LOGGING==1||ENABLE_LOGGING==2) {
snprintf(LogLine, sizeof(LogLine), "%s: system password fail %s:%s",
diff --git a/vldap.c b/vldap.c
index 75329ef..5fcce99 100644
--- a/vldap.c
+++ b/vldap.c
@@ -1495,10 +1495,16 @@ void *safe_malloc (size_t siz) {
/***************************************************************************/
int vauth_crypt(char *user,char *domain,char *clear_pass,struct vqpasswd *vpw) {
+ const char *c;
+
if ( vpw == NULL )
return(-1);
- return(strcmp(crypt(clear_pass,vpw->pw_passwd),vpw->pw_passwd));
+ c = crypt(clear_pass,vpw->pw_passwd);
+
+ if ( c == NULL ) return(-1);
+
+ return(strcmp(c,vpw->pw_passwd));
}
/***************************************************************************/
diff --git a/vmysql.c b/vmysql.c
index 4215a39..c5173d9 100644
--- a/vmysql.c
+++ b/vmysql.c
@@ -1862,7 +1862,13 @@ int vdel_limits(const char *domain)
/************************************************************************/
int vauth_crypt(char *user,char *domain,char *clear_pass,struct vqpasswd *vpw)
{
+ const char *c;
+
if ( vpw == NULL ) return(-1);
- return(strcmp(crypt(clear_pass,vpw->pw_passwd),vpw->pw_passwd));
+ c = crypt(clear_pass,vpw->pw_passwd);
+
+ if ( c == NULL ) return(-1);
+
+ return(strcmp(c,vpw->pw_passwd));
}
diff --git a/vpgsql.c b/vpgsql.c
index c55b9e2..b5dd40b 100644
--- a/vpgsql.c
+++ b/vpgsql.c
@@ -1667,8 +1667,14 @@ void vcreate_vlog_table()
int vauth_crypt(char *user,char *domain,char *clear_pass,struct vqpasswd *vpw)
{
+ const char *c;
+
if ( vpw == NULL ) return(-1);
- return(strcmp(crypt(clear_pass,vpw->pw_passwd),vpw->pw_passwd));
+ c = crypt(clear_pass,vpw->pw_passwd);
+
+ if ( c == NULL ) return(-1);
+
+ return(strcmp(c,vpw->pw_passwd));
}
diff --git a/vsybase.c b/vsybase.c
index c6d7234..26f7447 100644
--- a/vsybase.c
+++ b/vsybase.c
@@ -640,7 +640,13 @@ int vshow_ip_map( int first, char *ip, char *domain);
int vauth_crypt(char *user,char *domain,char *clear_pass,struct vqpasswd *vpw)
{
+ const char *c;
+
if ( vpw == NULL ) return(-1);
- return(strcmp(crypt(clear_pass,vpw->pw_passwd),vpw->pw_passwd));
+ c = crypt(clear_pass,vpw->pw_passwd);
+
+ if ( c == NULL ) return(-1);
+
+ return(strcmp(c,vpw->pw_passwd));
}
--
2.16.4
|
GitWeb