Bug#720060: patch fixes the issue

[Philipp Kern]

Hi,

On Wed, Sep 18, 2013 at 10:41:44AM +0200, Jordi Mallach wrote:
> I've added the patch to the SVN repository, and hopefully will upload soon.

I uploaded the patch to DELAYED/3-days as this is a RC bug. Debdiff
attached.

Kind regards
Philipp Kern

diff -Nru mailutils-2.99.98/debian/changelog mailutils-2.99.98/debian/changelog
--- mailutils-2.99.98/debian/changelog  2013-07-03 11:10:03.000000000 +0200
+++ mailutils-2.99.98/debian/changelog  2013-11-22 20:10:13.000000000 +0100
@@ -1,3 +1,11 @@
+mailutils (1:2.99.98-1.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Add patch by Steve M. Robbins to fix a crash upon authentication.
+    (Closes: #720060)
+ 
+ -- Philipp Kern <pk...@debian.org>  Fri, 22 Nov 2013 20:09:51 +0100
+
 mailutils (1:2.99.98-1) unstable; urgency=low
 
   * New upstream release.
diff -Nru mailutils-2.99.98/debian/patches/fix-authentication.patch 
mailutils-2.99.98/debian/patches/fix-authentication.patch
--- mailutils-2.99.98/debian/patches/fix-authentication.patch   1970-01-01 
01:00:00.000000000 +0100
+++ mailutils-2.99.98/debian/patches/fix-authentication.patch   2013-11-22 
20:09:37.000000000 +0100
@@ -0,0 +1,37 @@
+Index: mailutils-2.99.97/libmailutils/auth/system.c
+===================================================================
+--- mailutils-2.99.97.orig/libmailutils/auth/system.c  2013-11-22 
19:35:39.370348860 +0100
++++ mailutils-2.99.97/libmailutils/auth/system.c       2013-11-22 
19:35:39.366348811 +0100
+@@ -104,9 +104,17 @@
+   if (!auth_data || !pass)
+     return EINVAL;
+   
+-  return auth_data->passwd
+-         && strcmp (auth_data->passwd, crypt (pass, auth_data->passwd)) == 0 ?
++  if (!auth_data->passwd)
++    return MU_ERR_AUTH_FAILURE;
++
++  {
++    char *crypt_pass = crypt (pass, auth_data->passwd);
++    if (!crypt_pass)
++      return MU_ERR_AUTH_FAILURE;
++
++    return strcmp (auth_data->passwd, crypt_pass) == 0 ?
+           0 : MU_ERR_AUTH_FAILURE;
++  }
+ }
+ 
+ /* Called only if generic fails */
+@@ -126,8 +134,11 @@
+       struct spwd *spw;
+       spw = getspnam (auth_data->name);
+       if (spw)
+-      return strcmp (spw->sp_pwdp, crypt (pass, spw->sp_pwdp)) == 0 ?
++      {
++        char *crypt_pass = crypt (pass, spw->sp_pwdp);
++        return crypt_pass && strcmp (spw->sp_pwdp, crypt_pass) == 0 ?
+               0 : MU_ERR_AUTH_FAILURE;
++      }
+     }
+ #endif
+   return MU_ERR_AUTH_FAILURE;
diff -Nru mailutils-2.99.98/debian/patches/series 
mailutils-2.99.98/debian/patches/series
--- mailutils-2.99.98/debian/patches/series     2013-07-03 10:24:24.000000000 
+0200
+++ mailutils-2.99.98/debian/patches/series     2013-11-22 20:09:45.000000000 
+0100
@@ -2,3 +2,4 @@
 texinfo_fixes.patch
 tokyocabinet_dependencies.patch
 guile_bindir.patch
+fix-authentication.patch

signature.asc
Description: Digital signature