Handle NULL return from crypt(3). Mostly from DragonFly

This commit is contained in:
Kevin Lo 2012-02-22 06:27:20 +00:00
parent 5bfdf7f990
commit 29dcf726d2
8 changed files with 33 additions and 12 deletions

View File

@ -657,7 +657,8 @@ single_user(void)
_exit(0);
password = crypt(clear, pp->pw_passwd);
bzero(clear, _PASSWORD_LEN);
if (strcmp(password, pp->pw_passwd) == 0)
if (password == NULL ||
strcmp(password, pp->pw_passwd) == 0)
break;
warning("single-user login failed\n");
}

View File

@ -94,6 +94,9 @@ main(int argc, char **argv)
#ifdef YP
char *master;
#endif
#ifdef YPPASSWD
char *cryptpw;
#endif
while ((ch = getopt(argc, argv, "f")) != -1)
switch(ch) {
@ -149,7 +152,8 @@ main(int argc, char **argv)
pass = getpass("Password:");
#ifdef YPPASSWD
if (!force) {
if (strcmp(crypt(pass, pw->pw_passwd), pw->pw_passwd) != 0)
cryptpw = crypt(pass, pw->pw_passwd);
if (cryptpw == NULL || strcmp(cryptpw, pw->pw_passwd) != 0)
errx(1, "invalid password");
}
#else

View File

@ -41,9 +41,15 @@ setup(char *pw)
char salt[3];
unsigned rnd;
int32_t seed;
char *cryptpw;
strlcpy(salt, pw, sizeof(salt));
memcpy(buf, crypt(pw, salt), sizeof(buf));
cryptpw = crypt(pw, salt);
if (cryptpw == NULL) {
fprintf(stderr, "crypt(3) failure\n");
exit(1);
}
memcpy(buf, cryptpw, sizeof(buf));
seed = 123;
for (i=0; i<13; i++)
seed = seed*buf[i] + i;

View File

@ -94,7 +94,7 @@ main(int argc, char **argv)
struct itimerval ntimer, otimer;
struct tm *timp;
int ch, failures, sectimeout, usemine, vtylock;
char *ap, *mypw, *ttynam, *tzn;
char *ap, *cryptpw, *mypw, *ttynam, *tzn;
char hostname[MAXHOSTNAMELEN], s[BUFSIZ], s1[BUFSIZ];
openlog("lock", LOG_ODELAY, LOG_AUTH);
@ -222,7 +222,8 @@ main(int argc, char **argv)
}
if (usemine) {
s[strlen(s) - 1] = '\0';
if (!strcmp(mypw, crypt(s, mypw)))
cryptpw = crypt(s, mypw);
if (cryptpw == NULL || !strcmp(mypw, cryptpw))
break;
}
else if (!strcmp(s, s1))

View File

@ -151,7 +151,7 @@ addgroup(const char *grpname)
int dbmember, i, ngrps;
gid_t egid;
struct group *grp;
char *ep, *pass;
char *ep, *pass, *cryptpw;
char **p;
egid = getegid();
@ -178,8 +178,10 @@ addgroup(const char *grpname)
}
if (!dbmember && *grp->gr_passwd != '\0' && getuid() != 0) {
pass = getpass("Password:");
if (pass == NULL ||
strcmp(grp->gr_passwd, crypt(pass, grp->gr_passwd)) != 0) {
if (pass == NULL)
return;
cryptpw = crypt(pass, grp->gr_passwd);
if (cryptpw == NULL || strcmp(grp->gr_passwd, cryptpw) != 0) {
fprintf(stderr, "Sorry\n");
return;
}

View File

@ -126,9 +126,11 @@ auth_CheckPasswd(const char *name, const char *data, const char *key)
/* Then look up the real password database */
struct passwd *pw;
int result;
char *cryptpw;
cryptpw = crypt(key, pw->pw_passwd);
result = (pw = getpwnam(name)) &&
!strcmp(crypt(key, pw->pw_passwd), pw->pw_passwd);
(cryptpw == NULL || !strcmp(cryptpw, pw->pw_passwd));
endpwent();
return result;
#else /* !NOPAM */

View File

@ -1028,6 +1028,7 @@ pw_pwcrypt(char *password)
{
int i;
char salt[SALTSIZE + 1];
char *cryptpw;
static char buf[256];
@ -1038,7 +1039,10 @@ pw_pwcrypt(char *password)
salt[i] = chars[arc4random_uniform(sizeof(chars) - 1)];
salt[SALTSIZE] = '\0';
return strcpy(buf, crypt(password, salt));
cryptpw = crypt(password, salt);
if (cryptpw == NULL)
errx(EX_CONFIG, "crypt(3) failure");
return strcpy(buf, cryptpw);
}

View File

@ -460,6 +460,7 @@ yppasswdproc_update_1_svc(yppasswd *argp, struct svc_req *rqstp)
int passwd_changed = 0;
int shell_changed = 0;
int gecos_changed = 0;
char *cryptpw;
char *oldshell = NULL;
char *oldgecos = NULL;
char *passfile_hold;
@ -537,8 +538,8 @@ yppasswdproc_update_1_svc(yppasswd *argp, struct svc_req *rqstp)
/* Step 2: check that the supplied oldpass is valid. */
if (strcmp(crypt(argp->oldpass, yp_password.pw_passwd),
yp_password.pw_passwd)) {
cryptpw = crypt(argp->oldpass, yp_password.pw_passwd);
if (cryptpw == NULL || strcmp(cryptpw, yp_password.pw_passwd)) {
yp_error("rejected change attempt -- bad password");
yp_error("client address: %s username: %s",
inet_ntoa(rqhost->sin_addr),