From 5382ccbe9bca9926147f3bccbd23a3d4aef6e301 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach
Date: Mon, 6 Aug 2012 09:00:49 +0200
Subject: [PATCH] handle crypt() returning NULL (#815993)

---
 openssh-5.9p1-null-xcrypt.patch | 17 +++++++++++++++++
 openssh.spec | 4 ++++
 2 files changed, 21 insertions(+)
 create mode 100644 openssh-5.9p1-null-xcrypt.patch

diff --git a/openssh-5.9p1-null-xcrypt.patch b/openssh-5.9p1-null-xcrypt.patch
new file mode 100644
index 0000000..50f32ff
--- /dev/null
+++ b/openssh-5.9p1-null-xcrypt.patch
@@ -0,0 +1,17 @@
+Index: auth-passwd.c
+===================================================================
+RCS file: /cvs/openssh/auth-passwd.c,v
+retrieving revision 1.90
+retrieving revision 1.91
+diff -u -r1.90 -r1.91
+--- auth-passwd.c 8 Mar 2009 00:40:28 -0000 1.90
++++ auth-passwd.c 25 Apr 2012 23:51:28 -0000 1.91
+@@ -209,6 +209,7 @@
+ * Authentication is accepted if the encrypted passwords
+ * are identical.
+ */
+- return (strcmp(encrypted_password, pw_password) == 0);
++ return encrypted_password != NULL &&
++ strcmp(encrypted_password, pw_password) == 0;
+ }
+ #endif
diff --git a/openssh.spec b/openssh.spec
index daca136..97b6f02 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -208,6 +208,9 @@ Patch711: openssh-5.9p1-log-usepam-no.patch
 Patch712: openssh-5.9p1-ctr-evp-fast.patch
 # add cavs test binary for the aes-ctr
 Patch713: openssh-5.9p1-ctr-cavstest.patch
+#https://bugzilla.redhat.com/show_bug.cgi?id=815993
+Patch714: openssh-5.9p1-null-xcrypt.patch
+
 #http://www.sxw.org.uk/computing/patches/openssh.html
 Patch800: openssh-5.9p1-gsskex.patch
@@ -459,6 +462,7 @@ popd
 %patch711 -p1 -b .log-usepam-no
 %patch712 -p1 -b .evp-ctr
 %patch713 -p1 -b .ctr-cavs
+%patch714 -p0 -b .null-xcrypt
 %patch800 -p1 -b .gsskex
 %patch801 -p1 -b .force_krb
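Review bot: The NULL guard added to the `return` in the auth-passwd.c hunk fails closed, which is the right outcome, but it does so silently: a NULL from crypt() (the case named in the commit subject) ends up indistinguishable in the logs from a wrong password, so an unsupported or misconfigured hash scheme would look like a run of ordinary failed logins. I would test the NULL case on its own and log it before rejecting, e.g. `if (encrypted_password == NULL) { debug("crypt() returned NULL, rejecting password"); return 0; }`, and extend the comment above the return to say that a NULL result is treated as an authentication failure. The enclosing function starts outside the hunk, so whether `pw_password` can itself be NULL at this `strcmp` cannot be checked from here and is worth confirming.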