Bug #3069 ยป 0001-Fix-seg-faults-on-crypt-3-failure.patch
| sbin/init/init.c | ||
|---|---|---|
|
_exit(0);
|
||
|
password = crypt(clear, pp->pw_passwd);
|
||
|
bzero(clear, _PASSWORD_LEN);
|
||
|
if (strcmp(password, pp->pw_passwd) == 0)
|
||
|
if (password != NULL && strcmp(password, pp->pw_passwd) == 0)
|
||
|
break;
|
||
|
warning("single-user login failed\n");
|
||
|
}
|
||
| usr.sbin/pppd/auth.c | ||
|---|---|---|
|
char secret[MAXWORDLEN];
|
||
|
static int attempts = 0;
|
||
|
int len;
|
||
|
char *cryptpw;
|
||
|
/*
|
||
|
* Make copies of apasswd and auser, then null-terminate them.
|
||
| ... | ... | |
|
} else {
|
||
|
if (secret[0] != 0) {
|
||
|
/* password given in pap-secrets - must match */
|
||
|
cryptpw = crypt(passwd, secret);
|
||
|
if ((cryptpap || strcmp(passwd, secret) != 0)
|
||
|
&& strcmp(crypt(passwd, secret), secret) != 0) {
|
||
|
&& (cryptpw == NULL || strcmp(cryptpw, secret) != 0)) {
|
||
|
ret = UPAP_AUTHNAK;
|
||
|
warn("PAP authentication failure for %s", user);
|
||
|
}
|
||
| usr.sbin/rpc.yppasswdd/yppasswdd_server.c | ||
|---|---|---|
|
char passfile_buf[MAXPATHLEN + 2];
|
||
|
char passfile_hold_buf[MAXPATHLEN + 2];
|
||
|
char *domain = yppasswd_domain;
|
||
|
char *cryptpw;
|
||
|
static struct sockaddr_in clntaddr;
|
||
|
static struct timeval t_saved, t_test;
|
||
| ... | ... | |
|
/* Step 2: check that the supplied oldpass is valid. */
|
||
|
if (strcmp(crypt(argp->oldpass, yp_password.pw_passwd),
|
||
|
yp_password.pw_passwd)) {
|
||
|
cryptpw = crypt(argp->oldpass, yp_password.pw_passwd);
|
||
|
if (cryptpw == NULL || strcmp(cryptpw, yp_password.pw_passwd) != 0) {
|
||
|
yp_error("rejected change attempt -- bad password");
|
||
|
yp_error("client address: %s username: %s",
|
||
|
inet_ntoa(rqhost->sin_addr),
|
||