httpd/httpd-2.4.4-r1476674.patch

Index: support/passwd_common.c
===================================================================
--- a/support/passwd_common.c	(revision 1476673)
+++ b/support/passwd_common.c	(working copy)
@@ -113,17 +113,17 @@
 
 int get_password(struct passwd_ctx *ctx)
 {
+    char buf[MAX_STRING_LEN + 1];
     if (ctx->passwd_src == PW_STDIN) {
-        char *buf = ctx->out;
         apr_file_t *file_stdin;
         apr_size_t nread;
         if (apr_file_open_stdin(&file_stdin, ctx->pool) != APR_SUCCESS) {
             ctx->errstr = "Unable to read from stdin.";
             return ERR_GENERAL;
         }
-        if (apr_file_read_full(file_stdin, buf, ctx->out_len - 1,
+        if (apr_file_read_full(file_stdin, buf, sizeof(buf) - 1,
                                &nread) != APR_EOF
-            || nread == ctx->out_len - 1) {
+            || nread == sizeof(buf) - 1) {
             goto err_too_long;
         }
         buf[nread] = '\0';
@@ -133,21 +133,24 @@
                 buf[nread-2] = '\0';
         }
         apr_file_close(file_stdin);
+        ctx->passwd = apr_pstrdup(ctx->pool, buf);
     }
     else {
-        char buf[MAX_STRING_LEN + 1];
         apr_size_t bufsize = sizeof(buf);
-        if (apr_password_get("New password: ", ctx->out, &ctx->out_len) != 0)
+        if (apr_password_get("New password: ", buf, &bufsize) != 0)
             goto err_too_long;
+        ctx->passwd = apr_pstrdup(ctx->pool, buf);
+        bufsize = sizeof(buf);
+        buf[0] = '\0';
         apr_password_get("Re-type new password: ", buf, &bufsize);
-        if (strcmp(ctx->out, buf) != 0) {
+        if (strcmp(ctx->passwd, buf) != 0) {
             ctx->errstr = "password verification error";
-            memset(ctx->out, '\0', ctx->out_len);
+            memset(ctx->passwd, '\0', strlen(ctx->passwd));
             memset(buf, '\0', sizeof(buf));
             return ERR_PWMISMATCH;
         }
-        memset(buf, '\0', sizeof(buf));
     }
+    memset(buf, '\0', sizeof(buf));
     return 0;
 
 err_too_long:
@@ -164,7 +167,6 @@
 int mkhash(struct passwd_ctx *ctx)
 {
     char *pw;
-    char pwin[MAX_STRING_LEN];
     char salt[16];
     apr_status_t rv;
     int ret = 0;
@@ -177,14 +179,11 @@
                         "Warning: Ignoring -C argument for this algorithm." NL);
     }
 
-    if (ctx->passwd != NULL) {
-        pw = ctx->passwd;
-    }
-    else {
+    if (ctx->passwd == NULL) {
         if ((ret = get_password(ctx)) != 0)
             return ret;
-        pw = pwin;
     }
+    pw = ctx->passwd;
 
     switch (ctx->alg) {
     case ALG_APSHA:
@@ -224,7 +223,7 @@
 
         apr_cpystrn(ctx->out, cbuf, ctx->out_len - 1);
         if (strlen(pw) > 8) {
-            char *truncpw = strdup(pw);
+            char *truncpw = apr_pstrdup(ctx->pool, pw);
             truncpw[8] = '\0';
             if (!strcmp(ctx->out, crypt(truncpw, salt))) {
                 apr_file_printf(errfile, "Warning: Password truncated to 8 "
Index: support/htpasswd.c
===================================================================
--- a/support/htpasswd.c	(revision 1476673)
+++ b/support/htpasswd.c	(working copy)
@@ -253,7 +253,6 @@
 int main(int argc, const char * const argv[])
 {
     apr_file_t *fpw = NULL;
-    const char *errstr = NULL;
     char line[MAX_STRING_LEN];
     char *pwfilename = NULL;
     char *user = NULL;
@@ -345,7 +344,7 @@
     if (!(mask & APHTP_DELUSER)) {
         i = mkrecord(&ctx, user);
         if (i != 0) {
-            apr_file_printf(errfile, "%s: %s" NL, argv[0], errstr);
+            apr_file_printf(errfile, "%s: %s" NL, argv[0], ctx.errstr);
             exit(i);
         }
         if (mask & APHTP_NOFILE) {
htpasswd/htdbm: fix hash generation bug (#956344) - do not dump vhosts twice in httpd -S output (#928761) - mod_cache: fix potential crash caused by uninitialized variable (#954109) 2013-05-20 07:54:07 +00:00			`Index: support/passwd_common.c`
			`===================================================================`
			`--- a/support/passwd_common.c (revision 1476673)`
			`+++ b/support/passwd_common.c (working copy)`
			`@@ -113,17 +113,17 @@`

			`int get_password(struct passwd_ctx *ctx)`
			`{`
			`+ char buf[MAX_STRING_LEN + 1];`
			`if (ctx->passwd_src == PW_STDIN) {`
			`- char *buf = ctx->out;`
			`apr_file_t *file_stdin;`
			`apr_size_t nread;`
			`if (apr_file_open_stdin(&file_stdin, ctx->pool) != APR_SUCCESS) {`
			`ctx->errstr = "Unable to read from stdin.";`
			`return ERR_GENERAL;`
			`}`
			`- if (apr_file_read_full(file_stdin, buf, ctx->out_len - 1,`
			`+ if (apr_file_read_full(file_stdin, buf, sizeof(buf) - 1,`
			`&nread) != APR_EOF`
			`- \|\| nread == ctx->out_len - 1) {`
			`+ \|\| nread == sizeof(buf) - 1) {`
			`goto err_too_long;`
			`}`
			`buf[nread] = '\0';`
			`@@ -133,21 +133,24 @@`
			`buf[nread-2] = '\0';`
			`}`
			`apr_file_close(file_stdin);`
			`+ ctx->passwd = apr_pstrdup(ctx->pool, buf);`
			`}`
			`else {`
			`- char buf[MAX_STRING_LEN + 1];`
			`apr_size_t bufsize = sizeof(buf);`
			`- if (apr_password_get("New password: ", ctx->out, &ctx->out_len) != 0)`
			`+ if (apr_password_get("New password: ", buf, &bufsize) != 0)`
			`goto err_too_long;`
			`+ ctx->passwd = apr_pstrdup(ctx->pool, buf);`
			`+ bufsize = sizeof(buf);`
			`+ buf[0] = '\0';`
			`apr_password_get("Re-type new password: ", buf, &bufsize);`
			`- if (strcmp(ctx->out, buf) != 0) {`
			`+ if (strcmp(ctx->passwd, buf) != 0) {`
			`ctx->errstr = "password verification error";`
			`- memset(ctx->out, '\0', ctx->out_len);`
			`+ memset(ctx->passwd, '\0', strlen(ctx->passwd));`
			`memset(buf, '\0', sizeof(buf));`
			`return ERR_PWMISMATCH;`
			`}`
			`- memset(buf, '\0', sizeof(buf));`
			`}`
			`+ memset(buf, '\0', sizeof(buf));`
			`return 0;`

			`err_too_long:`
			`@@ -164,7 +167,6 @@`
			`int mkhash(struct passwd_ctx *ctx)`
			`{`
			`char *pw;`
			`- char pwin[MAX_STRING_LEN];`
			`char salt[16];`
			`apr_status_t rv;`
			`int ret = 0;`
			`@@ -177,14 +179,11 @@`
			`"Warning: Ignoring -C argument for this algorithm." NL);`
			`}`

			`- if (ctx->passwd != NULL) {`
			`- pw = ctx->passwd;`
			`- }`
			`- else {`
			`+ if (ctx->passwd == NULL) {`
			`if ((ret = get_password(ctx)) != 0)`
			`return ret;`
			`- pw = pwin;`
			`}`
			`+ pw = ctx->passwd;`

			`switch (ctx->alg) {`
			`case ALG_APSHA:`
			`@@ -224,7 +223,7 @@`

			`apr_cpystrn(ctx->out, cbuf, ctx->out_len - 1);`
			`if (strlen(pw) > 8) {`
			`- char *truncpw = strdup(pw);`
			`+ char *truncpw = apr_pstrdup(ctx->pool, pw);`
			`truncpw[8] = '\0';`
			`if (!strcmp(ctx->out, crypt(truncpw, salt))) {`
			`apr_file_printf(errfile, "Warning: Password truncated to 8 "`
			`Index: support/htpasswd.c`
			`===================================================================`
			`--- a/support/htpasswd.c (revision 1476673)`
			`+++ b/support/htpasswd.c (working copy)`
			`@@ -253,7 +253,6 @@`
			`int main(int argc, const char * const argv[])`
			`{`
			`apr_file_t *fpw = NULL;`
			`- const char *errstr = NULL;`
			`char line[MAX_STRING_LEN];`
			`char *pwfilename = NULL;`
			`char *user = NULL;`
			`@@ -345,7 +344,7 @@`
			`if (!(mask & APHTP_DELUSER)) {`
			`i = mkrecord(&ctx, user);`
			`if (i != 0) {`
			`- apr_file_printf(errfile, "%s: %s" NL, argv[0], errstr);`
			`+ apr_file_printf(errfile, "%s: %s" NL, argv[0], ctx.errstr);`
			`exit(i);`
			`}`
			`if (mask & APHTP_NOFILE) {`