36 lines
1.3 KiB
Diff
36 lines
1.3 KiB
Diff
From 1af808982460ec74a23820dcc4d582bb39e2b223 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
|
|
Date: Tue, 22 Feb 2022 14:51:42 +0100
|
|
Subject: [PATCH] newrole: check for crypt(3) failure
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
Depending on the implementation crypt(3) can fail either by returning
|
|
NULL, or returning a pointer to an invalid hash and setting errno.
|
|
|
|
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
|
|
---
|
|
policycoreutils/newrole/newrole.c | 5 +++++
|
|
1 file changed, 5 insertions(+)
|
|
|
|
diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c
|
|
index c99898635..781f99b63 100644
|
|
--- a/policycoreutils/newrole/newrole.c
|
|
+++ b/policycoreutils/newrole/newrole.c
|
|
@@ -368,9 +368,14 @@ static int authenticate_via_shadow_passwd(const char *uname)
|
|
}
|
|
|
|
/* Use crypt() to encrypt user's input password. */
|
|
+ errno = 0;
|
|
encrypted_password_s = crypt(unencrypted_password_s,
|
|
p_shadow_line->sp_pwdp);
|
|
memset(unencrypted_password_s, 0, strlen(unencrypted_password_s));
|
|
+ if (errno || !encrypted_password_s) {
|
|
+ fprintf(stderr, _("Cannot encrypt password.\n"));
|
|
+ return 0;
|
|
+ }
|
|
return (!strcmp(encrypted_password_s, p_shadow_line->sp_pwdp));
|
|
}
|
|
#endif /* if/else USE_PAM */
|