Date:      Wed, 22 Feb 2012 06:27:20 +0000 (UTC)
From:      Kevin Lo <kevlo@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r231994 - in head: sbin/init usr.bin/chkey usr.bin/enigma usr.bin/lock usr.bin/newgrp usr.sbin/ppp usr.sbin/pw usr.sbin/rpc.yppasswdd
Message-ID:  <201202220627.q1M6RKRY038145@svn.freebsd.org>

Author: kevlo
Date: Wed Feb 22 06:27:20 2012
New Revision: 231994
URL: http://svn.freebsd.org/changeset/base/231994

Log:
  Handle NULL return from crypt(3). Mostly from DragonFly

Modified:
  head/sbin/init/init.c
  head/usr.bin/chkey/chkey.c
  head/usr.bin/enigma/enigma.c
  head/usr.bin/lock/lock.c
  head/usr.bin/newgrp/newgrp.c
  head/usr.sbin/ppp/auth.c
  head/usr.sbin/pw/pw_user.c
  head/usr.sbin/rpc.yppasswdd/yppasswdd_server.c

Modified: head/sbin/init/init.c
==============================================================================
--- head/sbin/init/init.c	Wed Feb 22 04:52:38 2012	(r231993)
+++ head/sbin/init/init.c	Wed Feb 22 06:27:20 2012	(r231994)
@@ -657,7 +657,8 @@ single_user(void)
 					_exit(0);
 				password = crypt(clear, pp->pw_passwd);
 				bzero(clear, _PASSWORD_LEN);
-				if (strcmp(password, pp->pw_passwd) == 0)
+				if (password == NULL || 
+				    strcmp(password, pp->pw_passwd) == 0)
 					break;
 				warning("single-user login failed\n");
 			}
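Review bot: The new condition `password == NULL || strcmp(password, pp->pw_passwd) == 0` reaches `break` when crypt(3) fails, so a NULL return is handled the same way as a matching password and the single-user password check passes. A crypt failure should fail closed: `if (password != NULL && strcmp(password, pp->pw_passwd) == 0)`. The same inverted NULL test appears in the second usr.bin/lock/lock.c hunk (`cryptpw == NULL || !strcmp(mypw, cryptpw)` followed by `break`, which appears to end the lock loop) and in usr.sbin/ppp/auth.c, whereas the chkey.c, newgrp.c and yppasswdd_server.c hunks reject on NULL. The loop in single_user() starts and ends outside this hunk, so the effect of `break` is inferred from the warning that follows it.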

Modified: head/usr.bin/chkey/chkey.c
==============================================================================
--- head/usr.bin/chkey/chkey.c	Wed Feb 22 04:52:38 2012	(r231993)
+++ head/usr.bin/chkey/chkey.c	Wed Feb 22 06:27:20 2012	(r231994)
@@ -94,6 +94,9 @@ main(int argc, char **argv)
 #ifdef YP
 	char *master;
 #endif
+#ifdef YPPASSWD
+	char *cryptpw;
+#endif
 
 	while ((ch = getopt(argc, argv, "f")) != -1)
 		switch(ch) {
@@ -149,7 +152,8 @@ main(int argc, char **argv)
 	pass = getpass("Password:");
 #ifdef YPPASSWD
 	if (!force) {
-		if (strcmp(crypt(pass, pw->pw_passwd), pw->pw_passwd) != 0)
+		cryptpw = crypt(pass, pw->pw_passwd);
+		if (cryptpw == NULL || strcmp(cryptpw, pw->pw_passwd) != 0)
 			errx(1, "invalid password");
 	}
 #else

Modified: head/usr.bin/enigma/enigma.c
==============================================================================
--- head/usr.bin/enigma/enigma.c	Wed Feb 22 04:52:38 2012	(r231993)
+++ head/usr.bin/enigma/enigma.c	Wed Feb 22 06:27:20 2012	(r231994)
@@ -41,9 +41,15 @@ setup(char *pw)
 	char salt[3];
 	unsigned rnd;
 	int32_t seed;
+	char *cryptpw;
 
 	strlcpy(salt, pw, sizeof(salt));
-	memcpy(buf, crypt(pw, salt), sizeof(buf));
+	cryptpw = crypt(pw, salt);
+	if (cryptpw == NULL) {
+		fprintf(stderr, "crypt(3) failure\n");
+		exit(1);
+	}
+	memcpy(buf, cryptpw, sizeof(buf));
 	seed = 123;
 	for (i=0; i<13; i++)
 		seed = seed*buf[i] + i;
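Review bot: `memcpy(buf, cryptpw, sizeof(buf))` copies a fixed number of bytes from the crypt(3) result without checking how long the returned string is, and the loop below then reads 13 bytes of buf. If crypt returns a string shorter than that, bytes past its terminator feed the seed. Extending the new guard to `if (cryptpw == NULL || strlen(cryptpw) < sizeof(buf))` would cover both cases. The declaration of buf is outside the hunk, so its size is assumed to match the 13 used in the loop.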

Modified: head/usr.bin/lock/lock.c
==============================================================================
--- head/usr.bin/lock/lock.c	Wed Feb 22 04:52:38 2012	(r231993)
+++ head/usr.bin/lock/lock.c	Wed Feb 22 06:27:20 2012	(r231994)
@@ -94,7 +94,7 @@ main(int argc, char **argv)
 	struct itimerval ntimer, otimer;
 	struct tm *timp;
 	int ch, failures, sectimeout, usemine, vtylock;
-	char *ap, *mypw, *ttynam, *tzn;
+	char *ap, *cryptpw, *mypw, *ttynam, *tzn;
 	char hostname[MAXHOSTNAMELEN], s[BUFSIZ], s1[BUFSIZ];
 
 	openlog("lock", LOG_ODELAY, LOG_AUTH);
@@ -222,7 +222,8 @@ main(int argc, char **argv)
 		}
 		if (usemine) {
 			s[strlen(s) - 1] = '\0';
-			if (!strcmp(mypw, crypt(s, mypw)))
+			cryptpw = crypt(s, mypw);
+			if (cryptpw == NULL || !strcmp(mypw, cryptpw))
 				break;
 		}
 		else if (!strcmp(s, s1))

Modified: head/usr.bin/newgrp/newgrp.c
==============================================================================
--- head/usr.bin/newgrp/newgrp.c	Wed Feb 22 04:52:38 2012	(r231993)
+++ head/usr.bin/newgrp/newgrp.c	Wed Feb 22 06:27:20 2012	(r231994)
@@ -151,7 +151,7 @@ addgroup(const char *grpname)
 	int dbmember, i, ngrps;
 	gid_t egid;
 	struct group *grp;
-	char *ep, *pass;
+	char *ep, *pass, *cryptpw;
 	char **p;
 
 	egid = getegid();
@@ -178,8 +178,10 @@ addgroup(const char *grpname)
 		}
 	if (!dbmember && *grp->gr_passwd != '\0' && getuid() != 0) {
 		pass = getpass("Password:");
-		if (pass == NULL ||
-		    strcmp(grp->gr_passwd, crypt(pass, grp->gr_passwd)) != 0) {
+		if (pass == NULL)
+			return;
+		cryptpw = crypt(pass, grp->gr_passwd);
+		if (cryptpw == NULL || strcmp(grp->gr_passwd, cryptpw) != 0) {
 			fprintf(stderr, "Sorry\n");
 			return;
 		}
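Review bot: The split-out `if (pass == NULL) return;` now returns silently, where the old combined condition printed "Sorry" for a NULL getpass() result as well as for a mismatch. If that change is not intended, keep the message on this path, e.g. `if (pass == NULL) { fprintf(stderr, "Sorry\n"); return; }`. The crypt NULL handling itself rejects on failure, which is the right direction. addgroup() continues outside the hunk.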

Modified: head/usr.sbin/ppp/auth.c
==============================================================================
--- head/usr.sbin/ppp/auth.c	Wed Feb 22 04:52:38 2012	(r231993)
+++ head/usr.sbin/ppp/auth.c	Wed Feb 22 06:27:20 2012	(r231994)
@@ -126,9 +126,11 @@ auth_CheckPasswd(const char *name, const
     /* Then look up the real password database */
     struct passwd *pw;
     int result;
+    char *cryptpw;
 
+    cryptpw = crypt(key, pw->pw_passwd);
     result = (pw = getpwnam(name)) &&
-             !strcmp(crypt(key, pw->pw_passwd), pw->pw_passwd);
+             (cryptpw == NULL || !strcmp(cryptpw, pw->pw_passwd));
     endpwent();
     return result;
 #else /* !NOPAM */
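Review bot: `cryptpw = crypt(key, pw->pw_passwd);` runs before `pw = getpwnam(name)` has assigned pw, so it dereferences an uninitialized pointer. Swapping the order alone would still dereference NULL for an unknown user. The lookup has to come first and guard the crypt call, and the NULL test should reject rather than accept: `pw = getpwnam(name);` then `cryptpw = pw != NULL ? crypt(key, pw->pw_passwd) : NULL;` then `result = cryptpw != NULL && !strcmp(cryptpw, pw->pw_passwd);`. As written, `cryptpw == NULL ||` also lets a crypt(3) failure count as a successful check for any user that exists. The start of auth_CheckPasswd() is outside the hunk.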

Modified: head/usr.sbin/pw/pw_user.c
==============================================================================
--- head/usr.sbin/pw/pw_user.c	Wed Feb 22 04:52:38 2012	(r231993)
+++ head/usr.sbin/pw/pw_user.c	Wed Feb 22 06:27:20 2012	(r231994)
@@ -1028,6 +1028,7 @@ pw_pwcrypt(char *password)
 {
 	int             i;
 	char            salt[SALTSIZE + 1];
+	char		*cryptpw;
 
 	static char     buf[256];
 
@@ -1038,7 +1039,10 @@ pw_pwcrypt(char *password)
 		salt[i] = chars[arc4random_uniform(sizeof(chars) - 1)];
 	salt[SALTSIZE] = '\0';
 
-	return strcpy(buf, crypt(password, salt));
+	cryptpw = crypt(password, salt);
+	if (cryptpw == NULL)
+		errx(EX_CONFIG, "crypt(3) failure");
+	return strcpy(buf, cryptpw);
 }
 
 

Modified: head/usr.sbin/rpc.yppasswdd/yppasswdd_server.c
==============================================================================
--- head/usr.sbin/rpc.yppasswdd/yppasswdd_server.c	Wed Feb 22 04:52:38 2012	(r231993)
+++ head/usr.sbin/rpc.yppasswdd/yppasswdd_server.c	Wed Feb 22 06:27:20 2012	(r231994)
@@ -460,6 +460,7 @@ yppasswdproc_update_1_svc(yppasswd *argp
 	int passwd_changed = 0;
 	int shell_changed = 0;
 	int gecos_changed = 0;
+	char *cryptpw;
 	char *oldshell = NULL;
 	char *oldgecos = NULL;
 	char *passfile_hold;
@@ -537,8 +538,8 @@ yppasswdproc_update_1_svc(yppasswd *argp
 
 	/* Step 2: check that the supplied oldpass is valid. */
 
-	if (strcmp(crypt(argp->oldpass, yp_password.pw_passwd),
-					yp_password.pw_passwd)) {
+	cryptpw = crypt(argp->oldpass, yp_password.pw_passwd);
+	if (cryptpw == NULL || strcmp(cryptpw, yp_password.pw_passwd)) {
 		yp_error("rejected change attempt -- bad password");
 		yp_error("client address: %s username: %s",
 			  inet_ntoa(rqhost->sin_addr),


