mirror of
git://slackware.nl/current.git
synced 2025-01-09 05:24:36 +01:00
76fc4757ac
Mon Nov 4 17:08:47 UTC 2013 Slackware 14.1 x86_64 stable is released! It's been another interesting release cycle here at Slackware bringing new features like support for UEFI machines, updated compilers and development tools, the switch from MySQL to MariaDB, and many more improvements throughout the system. Thanks to the team, the upstream developers, the dedicated Slackware community, and everyone else who pitched in to help make this release a reality. The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware project by picking up a copy from store.slackware.com. We're taking pre-orders now, and offer a discount if you sign up for a subscription. Have fun! :-)
42 lines
1.5 KiB
Diff
42 lines
1.5 KiB
Diff
From 8d1eb5c74413e4c9a21f689fc106949b121c0117 Mon Sep 17 00:00:00 2001
|
|
From: mancha <mancha1@hush.com>
|
|
Date: Wed, 22 May 2013 14:20:26 +0000
|
|
Subject: Handle NULL returns from glibc 2.17+ crypt().
|
|
|
|
Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL
|
|
(w/ NULL return) if the salt violates specifications. Additionally,
|
|
on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords
|
|
passed to crypt() fail with EPERM (w/ NULL return).
|
|
|
|
If using glibc's crypt(), check return value to avoid a possible
|
|
NULL pointer dereference.
|
|
|
|
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
---
|
|
diff --git a/greeter/verify.c b/greeter/verify.c
|
|
index db3cb7d..b009e2b 100644
|
|
--- a/greeter/verify.c
|
|
+++ b/greeter/verify.c
|
|
@@ -329,6 +329,7 @@ Verify (struct display *d, struct greet_info *greet, struct verify_info *verify)
|
|
struct spwd *sp;
|
|
# endif
|
|
char *user_pass = NULL;
|
|
+ char *crypted_pass = NULL;
|
|
# endif
|
|
# ifdef __OpenBSD__
|
|
char *s;
|
|
@@ -464,7 +465,9 @@ Verify (struct display *d, struct greet_info *greet, struct verify_info *verify)
|
|
# if defined(ultrix) || defined(__ultrix__)
|
|
if (authenticate_user(p, greet->password, NULL) < 0)
|
|
# else
|
|
- if (strcmp (crypt (greet->password, user_pass), user_pass))
|
|
+ crypted_pass = crypt (greet->password, user_pass);
|
|
+ if ((crypted_pass == NULL)
|
|
+ || (strcmp (crypted_pass, user_pass)))
|
|
# endif
|
|
{
|
|
if(!greet->allow_null_passwd || strlen(p->pw_passwd) > 0) {
|
|
--
|
|
cgit v0.9.0.2-2-gbebe
|
|
|