Commit c17b89f4 authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Add additional crypt() sanity checks.

parent 6a06fb7f
......@@ -748,7 +748,7 @@ static int chk_unix(
const struct berval * cred )
{
int i;
char *pw;
char *pw,*cr;
for( i=0; i<cred->bv_len; i++) {
if(cred->bv_val[i] == '\0') {
......@@ -794,13 +794,18 @@ static int chk_unix(
if( pw == NULL || *pw == '\0' ) return 1;
return strcmp(pw, crypt(cred->bv_val, pw));
cr = crypt(cred->bv_val, pw);
if( cr == NULL || *cr == '\0' ) return 1;
return strcmp(pw, cr);
}
# endif
#endif
/* PASSWORD CHECK ROUTINES */
/* PASSWORD GENERATION ROUTINES */
static struct berval *hash_ssha1(
const struct pw_scheme *scheme,
const struct berval *passwd )
......@@ -928,8 +933,13 @@ static struct berval *hash_crypt(
hash.bv_val = crypt( passwd->bv_val, salt );
if( hash.bv_val == NULL ) return NULL;
hash.bv_len = strlen( hash.bv_val );
if( hash.bv_len == 0 ) {
return NULL;
}
return pw_string( scheme, &hash );
}
#endif
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment