37 lines
1.2 KiB
Diff
37 lines
1.2 KiB
Diff
|
From 53a17c1742a4b5fcf9280fd6dd85fc77588535c2 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Jeffrey Bencteux <jeffbencteux@gmail.com>
|
||
|
|
Date: Wed, 21 Jun 2023 15:12:43 +0200
|
||
|
|
Subject: [PATCH] chgpasswd: fix segfault in command-line options
|
||
|
|
|
||
|
|
Using the --sha-rounds option without first giving a crypt method via the --crypt-method option results in comparisons with a NULL pointer and thus make chgpasswd segfault:
|
||
|
|
|
||
|
|
$ chgpasswd -s 1
|
||
|
|
zsh: segmentation fault chgpasswd -s 1
|
||
|
|
|
||
|
|
Current patch add a sanity check before these comparisons to ensure there is a defined encryption method.
|
||
|
|
---
|
||
|
|
src/chgpasswd.c | 7 +++++++
|
||
|
|
1 file changed, 7 insertions(+)
|
||
|
|
|
||
|
|
diff --git a/src/chgpasswd.c b/src/chgpasswd.c
|
||
|
|
index fe4055d8..7b773e2f 100644
|
||
|
|
--- a/src/chgpasswd.c
|
||
|
|
+++ b/src/chgpasswd.c
|
||
|
|
@@ -186,6 +186,13 @@ static void process_flags (int argc, char **argv)
|
||
|
|
case 's':
|
||
|
|
sflg = true;
|
||
|
|
bad_s = 0;
|
||
|
|
+
|
||
|
|
+ if (!crypt_method) {
|
||
|
|
+ fprintf (stderr,
|
||
|
|
+ _("%s: no crypt method defined\n"),
|
||
|
|
+ Prog);
|
||
|
|
+ usage (E_USAGE);
|
||
|
|
+ }
|
||
|
|
#if defined(USE_SHA_CRYPT)
|
||
|
|
if ( ( ((0 == strcmp (crypt_method, "SHA256")) || (0 == strcmp (crypt_method, "SHA512")))
|
||
|
|
&& (0 == getlong(optarg, &sha_rounds)))) {
|
||
|
|
--
|
||
|
|
2.20.1
|
||
|
|
|