diff options
author | Damien Miller <djm@mindrot.org> | 2018-10-10 14:57:00 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-10-10 14:57:00 +1100 |
commit | d1d301a1dd5d6cc3a9ed93ab7ab09dda4cb456e0 (patch) | |
tree | bd9f6991a1349aac33e657b7525fc64cda12945c /openbsd-compat/xcrypt.c | |
parent | edbb6febccee084d212fdc0cb05b40cb1c646ab1 (diff) |
in pick_salt() avoid dereference of NULL passwords
Apparently some NIS implementations can leave pw->pw_passwd (or the
shadow equivalent) NULL.
bz#2909; based on patch from Todd Eigenschink
Diffstat (limited to 'openbsd-compat/xcrypt.c')
-rw-r--r-- | openbsd-compat/xcrypt.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c index c9c6283cc..360b187af 100644 --- a/openbsd-compat/xcrypt.c +++ b/openbsd-compat/xcrypt.c | |||
@@ -82,7 +82,8 @@ pick_salt(void) | |||
82 | strlcpy(salt, "xx", sizeof(salt)); | 82 | strlcpy(salt, "xx", sizeof(salt)); |
83 | setpwent(); | 83 | setpwent(); |
84 | while ((pw = getpwent()) != NULL) { | 84 | while ((pw = getpwent()) != NULL) { |
85 | passwd = shadow_pw(pw); | 85 | if ((passwd = shadow_pw(pw)) == NULL) |
86 | continue; | ||
86 | if (passwd[0] == '$' && (p = strrchr(passwd+1, '$')) != NULL) { | 87 | if (passwd[0] == '$' && (p = strrchr(passwd+1, '$')) != NULL) { |
87 | typelen = p - passwd + 1; | 88 | typelen = p - passwd + 1; |
88 | strlcpy(salt, passwd, MIN(typelen, sizeof(salt))); | 89 | strlcpy(salt, passwd, MIN(typelen, sizeof(salt))); |