From 1329c68b19daa6d5793dd672db73ebe85465eea9 Mon Sep 17 00:00:00 2001 From: Paul Wouters Date: Wed, 11 Apr 2012 21:13:14 +0200 Subject: [PATCH] Check for crypt() failure returning NULL. * modules/pam_unix/pam_unix_passwd.c (pam_sm_chauthtok): Adjust syslog message. * modules/pam_unix/passverify.c (create_password_hash): Check for crypt() returning NULL. --- modules/pam_unix/pam_unix_passwd.c | 2 +- modules/pam_unix/passverify.c | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c index e9059d3..9e1302d 100644 --- a/modules/pam_unix/pam_unix_passwd.c +++ b/modules/pam_unix/pam_unix_passwd.c @@ -800,7 +800,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv) tpass = create_password_hash(pamh, pass_new, ctrl, rounds); if (tpass == NULL) { pam_syslog(pamh, LOG_CRIT, - "out of memory for password"); + "crypt() failure or out of memory for password"); pass_new = pass_old = NULL; /* tidy up */ unlock_pwdf(); return PAM_BUF_ERR; diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c index 5289955..4840bb2 100644 --- a/modules/pam_unix/passverify.c +++ b/modules/pam_unix/passverify.c @@ -424,7 +424,7 @@ PAMH_ARG_DECL(char * create_password_hash, } #endif sp = crypt(password, salt); - if (strncmp(algoid, sp, strlen(algoid)) != 0) { + if (!sp || strncmp(algoid, sp, strlen(algoid)) != 0) { /* libxcrypt/libc doesn't know the algorithm, use MD5 */ pam_syslog(pamh, LOG_ERR, "Algo %s not supported by the crypto backend, " @@ -432,7 +432,9 @@ PAMH_ARG_DECL(char * create_password_hash, on(UNIX_BLOWFISH_PASS, ctrl) ? "blowfish" : on(UNIX_SHA256_PASS, ctrl) ? "sha256" : on(UNIX_SHA512_PASS, ctrl) ? "sha512" : algoid); - memset(sp, '\0', strlen(sp)); + if(sp) { + memset(sp, '\0', strlen(sp)); + } return crypt_md5_wrapper(password); } -- 1.7.7.6