Add crypt(3) sanity checks

author Kurt Zeilenga <kurt@openldap.org>

Mon, 17 Jan 2000 17:16:50 +0000 (17:16 +0000)

committer Kurt Zeilenga <kurt@openldap.org>

Mon, 17 Jan 2000 17:16:50 +0000 (17:16 +0000)
author Kurt Zeilenga <kurt@openldap.org>
Mon, 17 Jan 2000 17:16:50 +0000 (17:16 +0000)
committer Kurt Zeilenga <kurt@openldap.org>
Mon, 17 Jan 2000 17:16:50 +0000 (17:16 +0000)
diff --git a/libraries/liblutil/passwd.c b/libraries/liblutil/passwd.c

index 0b5605a7b27ecd9aceaf8ed1529ec0e3678cb513..5b1a317e014e930d5f2e0c093c8e8b974d417176 100644 (file)
--- a/libraries/liblutil/passwd.c
+++ b/libraries/liblutil/passwd.c
@@ -29,7 +29,7 @@ lutil_passwd(
         const char *passwd)
  {
  
-       if (cred == NULL || passwd == NULL) {
+       if (cred == NULL || !cred[0] || passwd == NULL || !passwd[0] ) {
                 return -1;
         }
  
@@ -134,10 +134,22 @@ lutil_passwd(
  
  #ifdef SLAPD_CRYPT
         } else if (strncasecmp(passwd, "{CRYPT}", sizeof("{CRYPT}") - 1) == 0 ) {
-               const char *p = passwd + (sizeof("{CRYPT}") - 1);
+               const char *p;
+               char *cr;
  
-               return( strcmp(p, crypt(cred, p)) );
+               p = passwd + (sizeof("{CRYPT}") - 1);
  
+               if( !p[0] || !p[1] ) {
+                       return 1;
+               }
+
+               cr = crypt( cred, p );
+
+               if( !cr || !cr[0] ) {
+                       return 1;
+               }
+
+               return strcmp(p, cr);
  #endif
         }
author	Kurt Zeilenga <kurt@openldap.org>
	Mon, 17 Jan 2000 17:16:50 +0000 (17:16 +0000)
committer	Kurt Zeilenga <kurt@openldap.org>
	Mon, 17 Jan 2000 17:16:50 +0000 (17:16 +0000)