Add additional crypt() sanity checks.

author Kurt Zeilenga <kurt@openldap.org>

Mon, 17 Jan 2000 16:53:15 +0000 (16:53 +0000)

committer Kurt Zeilenga <kurt@openldap.org>

Mon, 17 Jan 2000 16:53:15 +0000 (16:53 +0000)
author Kurt Zeilenga <kurt@openldap.org>
Mon, 17 Jan 2000 16:53:15 +0000 (16:53 +0000)
committer Kurt Zeilenga <kurt@openldap.org>
Mon, 17 Jan 2000 16:53:15 +0000 (16:53 +0000)
diff --git a/libraries/liblutil/passwd.c b/libraries/liblutil/passwd.c

index 0e18a098c83229086ea12057978af89147357b4e..2600cf38f6215add89ee0b7b54cd2a05fe025b03 100644 (file)
--- a/libraries/liblutil/passwd.c
+++ b/libraries/liblutil/passwd.c
@@ -748,7 +748,7 @@ static int chk_unix(
         const struct berval * cred )
  {
         int i;
-       char *pw;
+       char *pw,*cr;
  
         for( i=0; i<cred->bv_len; i++) {
                 if(cred->bv_val[i] == '\0') {
@@ -794,13 +794,18 @@ static int chk_unix(
  
         if( pw == NULL || *pw == '\0' ) return 1;
  
-       return strcmp(pw, crypt(cred->bv_val, pw));
+       cr = crypt(cred->bv_val, pw);
+
+       if( cr == NULL || *cr == '\0' ) return 1;
+
+       return strcmp(pw, cr);
  
  }
  # endif
  #endif
  
-/* PASSWORD CHECK ROUTINES */
+/* PASSWORD GENERATION ROUTINES */
+
  static struct berval *hash_ssha1(
         const struct pw_scheme *scheme,
         const struct berval  *passwd )
@@ -928,8 +933,13 @@ static struct berval *hash_crypt(
         hash.bv_val = crypt( passwd->bv_val, salt );
  
         if( hash.bv_val == NULL ) return NULL;
+
         hash.bv_len = strlen( hash.bv_val );
  
+       if( hash.bv_len == 0 ) {
+               return NULL;
+       }
+
         return pw_string( scheme, &hash );
  }
  #endif
author	Kurt Zeilenga <kurt@openldap.org>
	Mon, 17 Jan 2000 16:53:15 +0000 (16:53 +0000)
committer	Kurt Zeilenga <kurt@openldap.org>
	Mon, 17 Jan 2000 16:53:15 +0000 (16:53 +0000)