Project

General

Profile

Bug #3080 ยป 0001-Fix-additional-cases-of-seg-faults-on-crypt-3-failur.patch

lubos, 10/13/2017 02:37 PM

View differences:

contrib/opie/opieftpd.c
VOIDRET pass FUNCTION((passwd), char *passwd)
{
int legit = askpasswd + 1, i;
char *cryptpw;
if (logged_in || askpasswd == 0) {
reply(503, "Login with USER first.");
......
if (!guest) { /* "ftp" is only account allowed no password */
#endif /* DOANONYMOUS */
i = opieverify(&opiestate, passwd);
if (legit && i && pwok)
i = strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd);
if (legit && i && pwok) {
cryptpw = crypt(passwd, pw->pw_passwd);
i = (cryptpw == NULL || strcmp(cryptpw, pw->pw_passwd) != 0);
}
if (!legit || i) {
reply(530, "Login incorrect.");
pw = NULL;
contrib/opie/opiesu.c
struct passwd *pwd;
char *p = getlogin();
char buf[32];
char *cryptpw;
if ((pwd = getpwuid(getuid())) == NULL) {
syslog(LOG_CRIT, "'%s' failed for unknown uid %d on %s", argvbuf, getuid(), ttyname(2));
......
if (console) {
/* Try regular password check, if allowed */
if (!strcmp(crypt(pbuf, thisuser.pw_passwd), thisuser.pw_passwd))
cryptpw = crypt(pbuf, thisuser.pw_passwd);
if (cryptpw != NULL && !strcmp(cryptpw, thisuser.pw_passwd))
goto ok;
} else {
int i = opiegetsequence(&opie);
contrib/pam_passwdqc/pam_passwdqc.c
static int check_pass(struct passwd *pw, const char *pass)
{
char *cryptpw;
#ifdef HAVE_SHADOW
struct spwd *spw;
const char *hash;
......
#else
hash = crypt(pass, spw->sp_pwdp);
#endif
retval = strcmp(hash, spw->sp_pwdp) ? -1 : 0;
retval = (hash == NULL || strcmp(hash, spw->sp_pwdp)) ? -1 : 0;
memset(spw->sp_pwdp, 0, strlen(spw->sp_pwdp));
return retval;
}
#endif
return strcmp(crypt(pass, pw->pw_passwd), pw->pw_passwd) ? -1 : 0;
cryptpw = crypt(pass, pw->pw_passwd);
return (cryptpw == NULL || strcmp(cryptpw, pw->pw_passwd)) ? -1 : 0;
}
static int am_root(pam_handle_t *pamh)
lib/pam_module/pam_unix/pam_unix.c
struct passwd *pwd;
int retval;
const char *pass, *user, *realpw, *prompt;
char *cryptpw;
if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF)) {
pwd = getpwnam(getlogin());
......
if (retval != PAM_SUCCESS)
return (retval);
PAM_LOG("Got password");
if (strcmp(crypt(pass, realpw), realpw) == 0)
cryptpw = crypt(pass, realpw);
if (cryptpw != NULL && strcmp(cryptpw, realpw) == 0)
return (PAM_SUCCESS);
PAM_VERBOSE_ERROR("UNIX authentication refused");
......
if (old_pass[0] == '\0' &&
!openpam_get_option(pamh, PAM_OPT_NULLOK))
return (PAM_PERM_DENIED);
if (strcmp(encrypted, pwd->pw_passwd) != 0)
if (encrypted == NULL || strcmp(encrypted, pwd->pw_passwd) != 0)
return (PAM_PERM_DENIED);
}
else if (flags & PAM_UPDATE_AUTHTOK) {
usr.sbin/pppd/auth.c
struct passwd *pw;
struct utmp utmp;
struct timeval tp;
char *tty;
char *tty, *cryptpw;
#ifdef HAS_SHADOW
struct spwd *spwd;
......
/*
* If no passwd, don't let them login.
*/
if (pw->pw_passwd == NULL || *pw->pw_passwd == '\0'
|| strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd) != 0)
if (pw->pw_passwd == NULL || *pw->pw_passwd == '\0' || passwd == NULL)
return (UPAP_AUTHNAK);
cryptpw = crypt(passwd, pw->pw_passwd);
if (cryptpw == NULL || strcmp(cryptpw, pw->pw_passwd) != 0)
return (UPAP_AUTHNAK);
if (pw->pw_expire) {
    (1-1/1)