Created attachment 1448305 [details] the patch Description of problem: Pam_mysql segfaults when an encrypted password used and the characters of salt in database not in [a-zA-Z0-9./]. The pam_mysql uses first two characters of the password as salt for crypt functions. However, according to man-page, the salt can only contain these characters: [a-zA-Z0-9./], otherwise it can return null pointer. The code of checking password (pam_mysql.c) looks like this: vresult = strcmp(row[0], crypt(passwd, row[0])); So when the crypt call failed, the row[0] string is compared with null-pointer string and the segfault occurs. In the one of pam_mysql fork it was fixed in 2015: https://github.com/NigelCunningham/pam-MySQL/commit/af6c8bb9e0375dda6cee20b3de6a23f5d7087635#diff-5903b4d238fdc681232da9aea81f66c3 Version-Release number of selected component (if applicable): 0.7RC1 How reproducible: The bug is reproducible in rhel6, but not reproducible in rhel5. Steps to Reproduce: Setup pam_mysql to use encrypted passwords, create a user with password "!@#$%^" and try to login. Actual results: Program segfaults Expected results: Program doesn't segfault
I should probably just rebase this onto Nigel's fork :\
Great idea!
pam_mysql-0.8.1-0.2.fc28 has been submitted as an update to Fedora 28. https://bodhi.fedoraproject.org/updates/FEDORA-2018-bb07632c10
pam_mysql-0.8.1-0.2.fc29 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2018-e600272170
pam_mysql-0.8.1-0.2.fc28 has been pushed to the Fedora 28 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-bb07632c10
pam_mysql-0.8.1-0.2.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-e600272170
An update associated with this bug has been pushed to stable.
A Fedora update associated with this bug has been pushed to the stable repository.