Author: kevlo
Date: Wed Feb 22 06:27:20 2012
New Revision: 231994
URL: http://svn.freebsd.org/changeset/base/231994

Log:
  Handle NULL return from crypt(3). Mostly from DragonFly

Modified:
  head/sbin/init/init.c
  head/usr.bin/chkey/chkey.c
  head/usr.bin/enigma/enigma.c
  head/usr.bin/lock/lock.c
  head/usr.bin/newgrp/newgrp.c
  head/usr.sbin/ppp/auth.c
  head/usr.sbin/pw/pw_user.c
  head/usr.sbin/rpc.yppasswdd/yppasswdd_server.c

Modified: head/sbin/init/init.c
==============================================================================
--- head/sbin/init/init.c       Wed Feb 22 04:52:38 2012        (r231993)
+++ head/sbin/init/init.c       Wed Feb 22 06:27:20 2012        (r231994)
@@ -657,7 +657,8 @@ single_user(void)
                                        _exit(0);
                                password = crypt(clear, pp->pw_passwd);
                                bzero(clear, _PASSWORD_LEN);
-                               if (strcmp(password, pp->pw_passwd) == 0)
+                               if (password == NULL || 
+                                   strcmp(password, pp->pw_passwd) == 0)
                                        break;
                                warning("single-user login failed\n");
                        }
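Review bot: The new condition `password == NULL || strcmp(password, pp->pw_passwd) == 0` takes the `break` when crypt(3) fails, which is the same path as a matching password, so a crypt(3) failure is accepted as a successful single-user login and the `warning("single-user login failed\n")` is skipped. The check should fail closed: `if (password != NULL && strcmp(password, pp->pw_passwd) == 0)`. The same inverted sense is in the second lock.c hunk (`cryptpw == NULL || !strcmp(mypw, cryptpw)` followed by `break`) and in ppp/auth.c (`cryptpw == NULL || !strcmp(cryptpw, pw->pw_passwd)` feeding `result`). The hunks in chkey.c, newgrp.c and yppasswdd_server.c reject on NULL and are fine. The loop in single_user() begins and ends outside this hunk, so what `break` leads to is inferred from the warning that follows it.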

Modified: head/usr.bin/chkey/chkey.c
==============================================================================
--- head/usr.bin/chkey/chkey.c  Wed Feb 22 04:52:38 2012        (r231993)
+++ head/usr.bin/chkey/chkey.c  Wed Feb 22 06:27:20 2012        (r231994)
@@ -94,6 +94,9 @@ main(int argc, char **argv)
 #ifdef YP
        char *master;
 #endif
+#ifdef YPPASSWD
+       char *cryptpw;
+#endif
 
        while ((ch = getopt(argc, argv, "f")) != -1)
                switch(ch) {
@@ -149,7 +152,8 @@ main(int argc, char **argv)
        pass = getpass("Password:");
 #ifdef YPPASSWD
        if (!force) {
-               if (strcmp(crypt(pass, pw->pw_passwd), pw->pw_passwd) != 0)
+               cryptpw = crypt(pass, pw->pw_passwd);
+               if (cryptpw == NULL || strcmp(cryptpw, pw->pw_passwd) != 0)
                        errx(1, "invalid password");
        }
 #else

Modified: head/usr.bin/enigma/enigma.c
==============================================================================
--- head/usr.bin/enigma/enigma.c        Wed Feb 22 04:52:38 2012        
(r231993)
+++ head/usr.bin/enigma/enigma.c        Wed Feb 22 06:27:20 2012        
(r231994)
@@ -41,9 +41,15 @@ setup(char *pw)
        char salt[3];
        unsigned rnd;
        int32_t seed;
+       char *cryptpw;
 
        strlcpy(salt, pw, sizeof(salt));
-       memcpy(buf, crypt(pw, salt), sizeof(buf));
+       cryptpw = crypt(pw, salt);
+       if (cryptpw == NULL) {
+               fprintf(stderr, "crypt(3) failure\n");
+               exit(1);
+       }
+       memcpy(buf, cryptpw, sizeof(buf));
        seed = 123;
        for (i=0; i<13; i++)
                seed = seed*buf[i] + i;
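Review bot: `memcpy(buf, cryptpw, sizeof(buf))` still copies a fixed number of bytes from the string crypt(3) returned without looking at its length, and the loop below then consumes 13 bytes of `buf`. The declaration of `buf` is outside the hunk, so its size is not visible here. If the returned string can be shorter than that, the copy reads past its terminator and the seed is derived from whatever follows. Treating a short result as a failure in the same branch would close that: `if (cryptpw == NULL || strlen(cryptpw) < sizeof(buf)) {`.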

Modified: head/usr.bin/lock/lock.c
==============================================================================
--- head/usr.bin/lock/lock.c    Wed Feb 22 04:52:38 2012        (r231993)
+++ head/usr.bin/lock/lock.c    Wed Feb 22 06:27:20 2012        (r231994)
@@ -94,7 +94,7 @@ main(int argc, char **argv)
        struct itimerval ntimer, otimer;
        struct tm *timp;
        int ch, failures, sectimeout, usemine, vtylock;
-       char *ap, *mypw, *ttynam, *tzn;
+       char *ap, *cryptpw, *mypw, *ttynam, *tzn;
        char hostname[MAXHOSTNAMELEN], s[BUFSIZ], s1[BUFSIZ];
 
        openlog("lock", LOG_ODELAY, LOG_AUTH);
@@ -222,7 +222,8 @@ main(int argc, char **argv)
                }
                if (usemine) {
                        s[strlen(s) - 1] = '\0';
-                       if (!strcmp(mypw, crypt(s, mypw)))
+                       cryptpw = crypt(s, mypw);
+                       if (cryptpw == NULL || !strcmp(mypw, cryptpw))
                                break;
                }
                else if (!strcmp(s, s1))

Modified: head/usr.bin/newgrp/newgrp.c
==============================================================================
--- head/usr.bin/newgrp/newgrp.c        Wed Feb 22 04:52:38 2012        
(r231993)
+++ head/usr.bin/newgrp/newgrp.c        Wed Feb 22 06:27:20 2012        
(r231994)
@@ -151,7 +151,7 @@ addgroup(const char *grpname)
        int dbmember, i, ngrps;
        gid_t egid;
        struct group *grp;
-       char *ep, *pass;
+       char *ep, *pass, *cryptpw;
        char **p;
 
        egid = getegid();
@@ -178,8 +178,10 @@ addgroup(const char *grpname)
                }
        if (!dbmember && *grp->gr_passwd != '\0' && getuid() != 0) {
                pass = getpass("Password:");
-               if (pass == NULL ||
-                   strcmp(grp->gr_passwd, crypt(pass, grp->gr_passwd)) != 0) {
+               if (pass == NULL)
+                       return;
+               cryptpw = crypt(pass, grp->gr_passwd);
+               if (cryptpw == NULL || strcmp(grp->gr_passwd, cryptpw) != 0) {
                        fprintf(stderr, "Sorry\n");
                        return;
                }
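Review bot: The new `if (pass == NULL) return;` returns silently, whereas before this change a NULL from getpass() fell into the branch that prints `Sorry`. If the silence is not intended, keep the two failures on one path, for example by dropping the early return and testing `if (pass == NULL || (cryptpw = crypt(pass, grp->gr_passwd)) == NULL || strcmp(grp->gr_passwd, cryptpw) != 0) {`. If it is intended, a short comment on the early return would say why no message is printed. addgroup() continues outside the hunk.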

Modified: head/usr.sbin/ppp/auth.c
==============================================================================
--- head/usr.sbin/ppp/auth.c    Wed Feb 22 04:52:38 2012        (r231993)
+++ head/usr.sbin/ppp/auth.c    Wed Feb 22 06:27:20 2012        (r231994)
@@ -126,9 +126,11 @@ auth_CheckPasswd(const char *name, const
     /* Then look up the real password database */
     struct passwd *pw;
     int result;
+    char *cryptpw;
 
+    cryptpw = crypt(key, pw->pw_passwd);
     result = (pw = getpwnam(name)) &&
-             !strcmp(crypt(key, pw->pw_passwd), pw->pw_passwd);
+             (cryptpw == NULL || !strcmp(cryptpw, pw->pw_passwd));
     endpwent();
     return result;
 #else /* !NOPAM */

Modified: head/usr.sbin/pw/pw_user.c
==============================================================================
--- head/usr.sbin/pw/pw_user.c  Wed Feb 22 04:52:38 2012        (r231993)
+++ head/usr.sbin/pw/pw_user.c  Wed Feb 22 06:27:20 2012        (r231994)
@@ -1028,6 +1028,7 @@ pw_pwcrypt(char *password)
 {
        int             i;
        char            salt[SALTSIZE + 1];
+       char            *cryptpw;
 
        static char     buf[256];
 
@@ -1038,7 +1039,10 @@ pw_pwcrypt(char *password)
                salt[i] = chars[arc4random_uniform(sizeof(chars) - 1)];
        salt[SALTSIZE] = '\0';
 
-       return strcpy(buf, crypt(password, salt));
+       cryptpw = crypt(password, salt);
+       if (cryptpw == NULL)
+               errx(EX_CONFIG, "crypt(3) failure");
+       return strcpy(buf, cryptpw);
 }
 
 

Modified: head/usr.sbin/rpc.yppasswdd/yppasswdd_server.c
==============================================================================
--- head/usr.sbin/rpc.yppasswdd/yppasswdd_server.c      Wed Feb 22 04:52:38 
2012        (r231993)
+++ head/usr.sbin/rpc.yppasswdd/yppasswdd_server.c      Wed Feb 22 06:27:20 
2012        (r231994)
@@ -460,6 +460,7 @@ yppasswdproc_update_1_svc(yppasswd *argp
        int passwd_changed = 0;
        int shell_changed = 0;
        int gecos_changed = 0;
+       char *cryptpw;
        char *oldshell = NULL;
        char *oldgecos = NULL;
        char *passfile_hold;
@@ -537,8 +538,8 @@ yppasswdproc_update_1_svc(yppasswd *argp
 
        /* Step 2: check that the supplied oldpass is valid. */
 
-       if (strcmp(crypt(argp->oldpass, yp_password.pw_passwd),
-                                       yp_password.pw_passwd)) {
+       cryptpw = crypt(argp->oldpass, yp_password.pw_passwd);
+       if (cryptpw == NULL || strcmp(cryptpw, yp_password.pw_passwd)) {
                yp_error("rejected change attempt -- bad password");
                yp_error("client address: %s username: %s",
                          inet_ntoa(rqhost->sin_addr),