diff options
Diffstat (limited to 'source/ap/screen/screen.crypt.diff')
| -rw-r--r-- | source/ap/screen/screen.crypt.diff | 126 |
1 files changed, 126 insertions, 0 deletions
diff --git a/source/ap/screen/screen.crypt.diff b/source/ap/screen/screen.crypt.diff new file mode 100644 index 00000000..2c80efbb --- /dev/null +++ b/source/ap/screen/screen.crypt.diff @@ -0,0 +1,126 @@ +From cbaa666d4f21988164068a38ac915f8b4f3c4da3 Mon Sep 17 00:00:00 2001 +From: Sadrul Habib Chowdhury <sadrul@users.sourceforge.net> +Date: Sat, 15 Sep 2012 03:40:23 +0000 +Subject: Guard against NULL returns from crypt(). + +crypt() can return NULL on an error. Make sure these nulls are +handled properly instead of crashing. The fix is thanks to a patch +from Lukás Nykrýn <lnykryn@redhat.com>. +--- +diff --git a/src/acls.c b/src/acls.c +index e728bb8..2f8c809 100644 +--- a/src/acls.c ++++ b/src/acls.c +@@ -455,6 +455,16 @@ int recursive; + return gp; /* *gp is NULL */ + } + ++static int ++PasswordMatches(pw, password) ++const char *pw, *password; ++{ ++ if (!*password) ++ return 0; ++ char *buf = crypt(pw, password); ++ return (buf && !strcmp(buf, password)); ++} ++ + /* + * Returns nonzero if failed or already linked. + * Both users are created on demand. +@@ -544,8 +554,7 @@ char *name, *pw1, *pw2; + + if (pw2 && *pw2 && *pw2 != '\377') /* provided a system password */ + { +- if (!*pass || /* but needed none */ +- strcmp(crypt(pw2, pass), pass)) ++ if (!PasswordMatches(pw2, pass)) + { + debug("System password mismatch\n"); + sorry++; +@@ -554,11 +563,10 @@ char *name, *pw1, *pw2; + else /* no pasword provided */ + if (*pass) /* but need one */ + sorry++; +-#endif ++#endif /* CHECKLOGIN */ + if (pw1 && *pw1 && *pw1 != '\377') /* provided a screen password */ + { +- if (!*u->u_password || /* but needed none */ +- strcmp(crypt(pw1, u->u_password), u->u_password)) ++ if (!PasswordMatches(pw1, u->u_password)) + { + debug("screen password mismatch\n"); + sorry++; +diff --git a/src/attacher.c b/src/attacher.c +index 370d594..4e496be 100644 +--- a/src/attacher.c ++++ b/src/attacher.c +@@ -882,6 +882,12 @@ screen_builtin_lck() + salt[1] = 'A' + (int)((time(0) >> 6) % 26); + salt[2] = 0; + pass = crypt(mypass, salt); ++ if (!pass) ++ { ++ fprintf(stderr, "crypt() error.\007\n"); ++ sleep(2); ++ return; ++ } + pass = ppp->pw_passwd = SaveStr(pass); + } + #endif +@@ -924,7 +930,8 @@ screen_builtin_lck() + if (pam_error == PAM_SUCCESS) + break; + #else +- if (!strncmp(crypt(cp1, pass), pass, strlen(pass))) ++ char *buf = crypt(cp1, pass); ++ if (buf && !strncmp(buf, pass, strlen(pass))) + break; + #endif + debug("screen_builtin_lck: NO!!!!!\n"); +diff --git a/src/process.c b/src/process.c +index bdf9355..30497a3 100644 +--- a/src/process.c ++++ b/src/process.c +@@ -6360,6 +6360,12 @@ char *data; + buf = crypt(u->u_password, salt); + bzero(u->u_password, strlen(u->u_password)); + free((char *)u->u_password); ++ if (!buf) ++ { ++ Msg(0, "[ crypt() error - no secure ]"); ++ u->u_password = NullStr; ++ return; ++ } + u->u_password = SaveStr(buf); + bzero(buf, strlen(buf)); + #ifdef COPY_PASTE +diff --git a/src/socket.c b/src/socket.c +index 8f9a315..a7755a4 100644 +--- a/src/socket.c ++++ b/src/socket.c +@@ -1565,13 +1565,18 @@ int ilen; + c = *(unsigned char *)ibuf++; + if (c == '\r' || c == '\n') + { ++ char *buf = NULL; + up = D_user->u_password; + pwdata->buf[l] = 0; +- if (strncmp(crypt(pwdata->buf, up), up, strlen(up))) ++ buf = crypt(pwdata->buf, up); ++ if (!buf || strncmp(buf, up, strlen(up))) + { + /* uh oh, user failed */ + bzero(pwdata->buf, sizeof(pwdata->buf)); +- AddStr("\r\nPassword incorrect.\r\n"); ++ if (!buf) ++ AddStr("\r\ncrypt() failed.\r\n"); ++ else ++ AddStr("\r\nPassword incorrect.\r\n"); + D_processinputdata = 0; /* otherwise freed by FreeDis */ + FreeDisplay(); + Msg(0, "Illegal reattach attempt from terminal %s.", pwdata->m.m_tty); +-- +cgit v0.9.0.2 + |