From 1604bf4577ed82fd40991d11c9ebaede1792c2e9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Honza=20Hor=C3=A1k?= Date: Mon, 23 Apr 2012 14:37:15 +0200 Subject: [PATCH] Patch from Paul Wouters to handle crypt() returning NULL Resolves: #814803 --- yp-tools-2.12-crypt.patch | 68 +++++++++++++++++++++++++++++++++++++++ yp-tools.spec | 8 ++++- 2 files changed, 75 insertions(+), 1 deletion(-) create mode 100644 yp-tools-2.12-crypt.patch diff --git a/yp-tools-2.12-crypt.patch b/yp-tools-2.12-crypt.patch new file mode 100644 index 0000000..6d03d52 --- /dev/null +++ b/yp-tools-2.12-crypt.patch @@ -0,0 +1,68 @@ +diff -up yp-tools-2.12/src/yppasswd.c.crypt yp-tools-2.12/src/yppasswd.c +--- yp-tools-2.12/src/yppasswd.c.crypt 2012-04-23 13:01:35.599721168 +0200 ++++ yp-tools-2.12/src/yppasswd.c 2012-04-23 13:16:18.251261293 +0200 +@@ -448,13 +448,19 @@ verifypassword (struct passwd *pwd, char + } + + passwdlen = get_passwd_len (pwd->pw_passwd); +- if (pwd->pw_passwd[0] ++ if (pwd->pw_passwd[0] + && 0 != strcmp (pwd->pw_passwd, "x") /* don't check shadow passwords */ +- && !strncmp (pwd->pw_passwd, crypt (pwdstr, pwd->pw_passwd), passwdlen) + && uid) + { +- fputs (_("You cannot reuse the old password.\n"), stderr); +- return 0; ++ char *crypted = crypt(pwdstr, pwd->pw_passwd); ++ if(crypted == NULL) { ++ fputs (_("crypt() call failed.\n"), stderr); ++ return 0; ++ } ++ if(!strncmp (pwd->pw_passwd, crypted, passwdlen)) { ++ fputs (_("You cannot reuse the old password.\n"), stderr); ++ return 0; ++ } + } + + r = 0; +@@ -772,9 +778,16 @@ main (int argc, char **argv) + { + int passwdlen = get_passwd_len (pwd->pw_passwd); + char *sane_passwd = alloca (passwdlen + 1); ++ char *crypted; + strncpy (sane_passwd, pwd->pw_passwd, passwdlen); + sane_passwd[passwdlen] = 0; +- if (strcmp (crypt (s, sane_passwd), sane_passwd)) ++ crypted = crypt (s, sane_passwd); ++ if(crypted == NULL) ++ { ++ fprintf (stderr, _("Sorry - crypt() failed.\n")); ++ return 1; ++ } ++ if (strcmp (crypted, sane_passwd)) + { + fprintf (stderr, _("Sorry.\n")); + return 1; +@@ -789,6 +802,7 @@ main (int argc, char **argv) + char *error_msg; + #endif /* USE_CRACKLIB */ + char *buf, salt[37], *p = NULL; ++ char *crypted; + int tries = 0; + + buf = (char *) malloc (129); +@@ -869,7 +883,13 @@ main (int argc, char **argv) + break; + } + +- yppwd.newpw.pw_passwd = strdup (crypt (buf, salt)); ++ crypted = crypt (buf, salt); ++ if(crypted == NULL) { ++ fprintf (stderr, _("Sorry - crypt() failed.\n")); ++ return 1; ++ } else { ++ yppwd.newpw.pw_passwd = strdup (crypted); ++ } + } + + if (f_flag) diff --git a/yp-tools.spec b/yp-tools.spec index 22136fc..063a5ce 100644 --- a/yp-tools.spec +++ b/yp-tools.spec @@ -1,7 +1,7 @@ Summary: NIS (or YP) client programs Name: yp-tools Version: 2.12 -Release: 8%{?dist} +Release: 9%{?dist} License: GPLv2 Group: System Environment/Base Source: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/yp-tools-%{version}.tar.bz2 @@ -10,6 +10,7 @@ Patch0: yp-tools-2.11-shadow.patch Patch1: yp-tools-2.12-typo.patch Patch2: yp-tools-2.12-gethost.patch Patch3: yp-tools-2.12-hash.patch +Patch4: yp-tools-2.12-crypt.patch Url: http://www.linux-nis.org/nis/yp-tools/index.html Requires: ypbind @@ -39,6 +40,7 @@ you'll need to install the ypserv package on one machine on the network. %patch1 -p1 -b .typo %patch2 -p1 -b .gethost %patch3 -p1 -b .hash +%patch4 -p1 -b .crypt %build %configure --disable-domainname @@ -60,6 +62,10 @@ make DESTDIR="$RPM_BUILD_ROOT" INSTALL_PROGRAM=install install /var/yp/nicknames %changelog +* Mon Apr 23 2012 Honza Horak - 2.12-9 +- Patch from Paul Wouters to handle crypt() returning NULL + Resolves: #814803 + * Sat Jan 14 2012 Fedora Release Engineering - 2.12-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild