Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 656639 Details for
Bug 816203
yppasswd doesn't handle crypt() returning NULL
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Patch which prints error and exists when crypt fails
yp-tools-2.9-crypt.patch (text/plain), 2.44 KB, created by
Honza Horak
on 2012-12-03 13:49:51 UTC
(
hide
)
Description:
Patch which prints error and exists when crypt fails
Filename:
MIME Type:
Creator:
Honza Horak
Created:
2012-12-03 13:49:51 UTC
Size:
2.44 KB
patch
obsolete
>diff -up yp-tools-2.9/src/yppasswd.c.crypt yp-tools-2.9/src/yppasswd.c >--- yp-tools-2.9/src/yppasswd.c.crypt 2012-12-03 14:45:36.787714547 +0100 >+++ yp-tools-2.9/src/yppasswd.c 2012-12-03 14:48:38.639816872 +0100 >@@ -441,11 +441,19 @@ verifypassword (struct passwd *pwd, char > if (pwd->pw_passwd[0] > && 0 != strcmp (pwd->pw_passwd, "x") /* don't check shadow passwords */ > && 0 != strcmp (pwd->pw_passwd, "##") /* don't check passwd.adjunct passwords */ >- && !strncmp (pwd->pw_passwd, crypt (pwdstr, pwd->pw_passwd), passwdlen) > && uid) > { >- fputs (_("You cannot reuse the old password.\n"), stderr); >- return 0; >+ char *crypted = crypt(pwdstr, pwd->pw_passwd); >+ if(crypted == NULL) >+ { >+ fputs (_("crypt() call failed.\n"), stderr); >+ return 0; >+ } >+ if (!strncmp (pwd->pw_passwd, crypted, passwdlen)) >+ { >+ fputs (_("You cannot reuse the old password.\n"), stderr); >+ return 0; >+ } > } > > r = 0; >@@ -752,6 +760,7 @@ main (int argc, char **argv) > { > int passwdlen; > char *sane_passwd; >+ char *crypted; > passwdlen = strlen (pwd->pw_passwd); > /* Some systems (HPU/X) store the password aging info after > * the password (with a comma to separate it). To support >@@ -768,7 +777,14 @@ main (int argc, char **argv) > sane_passwd = alloca (passwdlen + 1); > strncpy (sane_passwd, pwd->pw_passwd, passwdlen); > sane_passwd[passwdlen] = 0; >- if (strcmp (crypt (s, sane_passwd), sane_passwd)) >+ crypted = crypt (s, sane_passwd); >+ if(crypted == NULL) >+ { >+ fprintf (stderr, _("Sorry - crypt() failed.\n")); >+ return 1; >+ } >+ >+ if (strcmp (crypted, sane_passwd)) > { > fprintf (stderr, _("Sorry.\n")); > return 1; >@@ -783,6 +799,7 @@ main (int argc, char **argv) > char *error_msg; > #endif /* USE_CRACKLIB */ > char *buf, salt[12], *p = NULL; >+ char *crypted; > int tries = 0; > > buf = (char *) malloc (129); >@@ -844,7 +861,16 @@ main (int argc, char **argv) > create_random_salt (salt+3, 8); > } > >- yppwd.newpw.pw_passwd = strdup (crypt (buf, salt)); >+ crypted = crypt (buf, salt); >+ if (crypted == NULL) >+ { >+ fprintf (stderr, _("Sorry - crypt() failed.\n")); >+ return 1; >+ } >+ else >+ { >+ yppwd.newpw.pw_passwd = strdup (crypted); >+ } > } > > if (f_flag)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=656639">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 816203
: 656639