FreeBSD Bugzilla – Attachment 187159 Details for
Bug 222999
[patch] Fix multiple seg-faults on crypt(3) failure
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
crypt(3) - strcmp(3) seg-faults patch
0001-freebsd-crypt.diff (text/plain), 4.52 KB, created by
Lubos Boucek
on 2017-10-14 09:03:47 UTC
(
hide
)
Description:
crypt(3) - strcmp(3) seg-faults patch
Filename:
MIME Type:
Creator:
Lubos Boucek
Created:
2017-10-14 09:03:47 UTC
Size:
4.52 KB
patch
obsolete
>Index: contrib/opie/opieftpd.c >=================================================================== >--- contrib/opie/opieftpd.c (revision 324609) >+++ contrib/opie/opieftpd.c (working copy) >@@ -524,6 +524,7 @@ > VOIDRET pass FUNCTION((passwd), char *passwd) > { > int legit = askpasswd + 1, i; >+ char *cryptpw; > > if (logged_in || askpasswd == 0) { > reply(503, "Login with USER first."); >@@ -535,8 +536,10 @@ > if (!guest) { /* "ftp" is only account allowed no password */ > #endif /* DOANONYMOUS */ > i = opieverify(&opiestate, passwd); >- if (legit && i && pwok) >- i = strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd); >+ if (legit && i && pwok) { >+ cryptpw = crypt(passwd, pw->pw_passwd); >+ i = (cryptpw == NULL || strcmp(cryptpw, pw->pw_passwd) != 0); >+ } > if (!legit || i) { > reply(530, "Login incorrect."); > pw = NULL; >Index: contrib/opie/opiesu.c >=================================================================== >--- contrib/opie/opiesu.c (revision 324609) >+++ contrib/opie/opiesu.c (working copy) >@@ -309,6 +309,7 @@ > struct passwd *pwd; > char *p = getlogin(); > char buf[32]; >+ char *cryptpw; > > if ((pwd = getpwuid(getuid())) == NULL) { > syslog(LOG_CRIT, "'%s' failed for unknown uid %d on %s", argvbuf, getuid(), ttyname(2)); >@@ -425,7 +426,8 @@ > > if (console) { > /* Try regular password check, if allowed */ >- if (!strcmp(crypt(pbuf, thisuser.pw_passwd), thisuser.pw_passwd)) >+ cryptpw = crypt(pbuf, thisuser.pw_passwd); >+ if (cryptpw != NULL && strcmp(cryptpw, thisuser.pw_passwd) == 0) > goto ok; > } else { > int i = opiegetsequence(&opie); >Index: contrib/pam_modules/pam_passwdqc/pam_passwdqc.c >=================================================================== >--- contrib/pam_modules/pam_passwdqc/pam_passwdqc.c (revision 324609) >+++ contrib/pam_modules/pam_passwdqc/pam_passwdqc.c (working copy) >@@ -318,7 +318,7 @@ > #endif > pam_item_t item; > lo_const char *user, *oldpass, *curpass; >- char *newpass, *randompass; >+ char *newpass, *randompass, *cryptpw; > const char *reason; > int ask_oldauthtok; > int randomonly, enforce, retries_left, retry_wanted; >@@ -388,8 +388,9 @@ > spw = getspnam(user); > endspent(); > if (spw) { >- if (strcmp(crypt(oldpass, spw->sp_pwdp), >- spw->sp_pwdp)) >+ cryptpw = crypt(oldpass, spw->sp_pwdp); >+ if (cryptpw == NULL || strcmp(cryptpw, >+ spw->sp_pwdp) != 0) > status = PAM_AUTH_ERR; > memset(spw->sp_pwdp, 0, > strlen(spw->sp_pwdp)); >@@ -397,8 +398,9 @@ > status = PAM_AUTH_ERR; > } else > #endif >- if (strcmp(crypt(oldpass, pw->pw_passwd), >- pw->pw_passwd)) >+ cryptpw = crypt(oldpass, pw->pw_passwd); >+ if (cryptpw == NULL || strcmp(cryptpw, >+ pw->pw_passwd) != 0) > status = PAM_AUTH_ERR; > } > memset(pw->pw_passwd, 0, strlen(pw->pw_passwd)); >Index: crypto/heimdal/lib/roken/verify.c >=================================================================== >--- crypto/heimdal/lib/roken/verify.c (revision 324609) >+++ crypto/heimdal/lib/roken/verify.c (working copy) >@@ -46,6 +46,7 @@ > unix_verify_user(char *user, char *password) > { > struct passwd *pw; >+ char *cryptpw; > > pw = k_getpwnam(user); > if(pw == NULL) >@@ -52,7 +53,8 @@ > return -1; > if(strlen(pw->pw_passwd) == 0 && strlen(password) == 0) > return 0; >- if(strcmp(crypt(password, pw->pw_passwd), pw->pw_passwd) == 0) >+ cryptpw = crypt(password, pw->pw_passwd); >+ if(cryptpw != NULL && strcmp(cryptpw, pw->pw_passwd) == 0) > return 0; > return -1; > } >Index: lib/libpam/modules/pam_unix/pam_unix.c >=================================================================== >--- lib/libpam/modules/pam_unix/pam_unix.c (revision 324609) >+++ lib/libpam/modules/pam_unix/pam_unix.c (working copy) >@@ -92,6 +92,7 @@ > struct passwd *pwd; > int retval; > const char *pass, *user, *realpw, *prompt; >+ char *cryptpw; > > if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF)) { > user = getlogin(); >@@ -125,7 +126,8 @@ > if (retval != PAM_SUCCESS) > return (retval); > PAM_LOG("Got password"); >- if (strcmp(crypt(pass, realpw), realpw) == 0) >+ cryptpw = crypt(pass, realpw); >+ if (cryptpw != NULL && strcmp(cryptpw, realpw) == 0) > return (PAM_SUCCESS); > > PAM_VERBOSE_ERROR("UNIX authentication refused"); >@@ -345,7 +347,7 @@ > if (old_pass[0] == '\0' && > !openpam_get_option(pamh, PAM_OPT_NULLOK)) > return (PAM_PERM_DENIED); >- if (strcmp(encrypted, pwd->pw_passwd) != 0) >+ if (encrypted == NULL || strcmp(encrypted, pwd->pw_passwd) != 0) > return (PAM_PERM_DENIED); > } > else if (flags & PAM_UPDATE_AUTHTOK) {
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 222999
: 187159