From: Kurt Zeilenga <kurt@openldap.org>
Date: Mon, 17 Jan 2000 16:53:15 +0000 (+0000)
Subject: Add additional crypt() sanity checks.
X-Git-Tag: UCDATA_2_4~26
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=c17b89f43162a44dcdba16a46447adbc36b08141;p=openldap

Add additional crypt() sanity checks.
---

diff --git a/libraries/liblutil/passwd.c b/libraries/liblutil/passwd.c
index 0e18a098c8..2600cf38f6 100644
--- a/libraries/liblutil/passwd.c
+++ b/libraries/liblutil/passwd.c
@@ -748,7 +748,7 @@ static int chk_unix(
 	const struct berval * cred )
 {
 	int i;
-	char *pw;
+	char *pw,*cr;
 
 	for( i=0; i<cred->bv_len; i++) {
 		if(cred->bv_val[i] == '\0') {
@@ -794,13 +794,18 @@ static int chk_unix(
 
 	if( pw == NULL || *pw == '\0' ) return 1;
 
-	return strcmp(pw, crypt(cred->bv_val, pw));
+	cr = crypt(cred->bv_val, pw);
+
+	if( cr == NULL || *cr == '\0' ) return 1;
+
+	return strcmp(pw, cr);
 
 }
 # endif
 #endif
 
-/* PASSWORD CHECK ROUTINES */
+/* PASSWORD GENERATION ROUTINES */
+
 static struct berval *hash_ssha1(
 	const struct pw_scheme *scheme,
 	const struct berval  *passwd )
@@ -928,8 +933,13 @@ static struct berval *hash_crypt(
 	hash.bv_val = crypt( passwd->bv_val, salt );
 
 	if( hash.bv_val == NULL ) return NULL;
+
 	hash.bv_len = strlen( hash.bv_val );
 
+	if( hash.bv_len == 0 ) {
+		return NULL;
+	}
+
 	return pw_string( scheme, &hash );
 }
 #endif