From: Kurt Zeilenga <kurt@openldap.org>
Date: Mon, 17 Jan 2000 17:16:50 +0000 (+0000)
Subject: Add crypt(3) sanity checks
X-Git-Tag: OPENLDAP_REL_ENG_1_2_9~5
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=2fd0d597cffefdb4cd2803ffcfff305a7090c8ee;p=openldap

Add crypt(3) sanity checks
---

diff --git a/libraries/liblutil/passwd.c b/libraries/liblutil/passwd.c
index 0b5605a7b2..5b1a317e01 100644
--- a/libraries/liblutil/passwd.c
+++ b/libraries/liblutil/passwd.c
@@ -29,7 +29,7 @@ lutil_passwd(
 	const char *passwd)
 {
 
-	if (cred == NULL || passwd == NULL) {
+	if (cred == NULL || !cred[0] || passwd == NULL || !passwd[0] ) {
 		return -1;
 	}
 
@@ -134,10 +134,22 @@ lutil_passwd(
 
 #ifdef SLAPD_CRYPT
 	} else if (strncasecmp(passwd, "{CRYPT}", sizeof("{CRYPT}") - 1) == 0 ) {
-		const char *p = passwd + (sizeof("{CRYPT}") - 1);
+		const char *p;
+		char *cr;
 
-		return( strcmp(p, crypt(cred, p)) );
+		p = passwd + (sizeof("{CRYPT}") - 1);
 
+		if( !p[0] || !p[1] ) {
+			return 1;
+		}
+
+		cr = crypt( cred, p );
+
+		if( !cr || !cr[0] ) {
+			return 1;
+		}
+
+		return strcmp(p, cr);
 #endif
 	}