summaryrefslogtreecommitdiffstats
path: root/source/kde/patch/kde-workspace/kde-workspace.shadow.changeset_r7777194da6154375fc8103b8c4e29e385cd7ae2e.diff
diff options
context:
space:
mode:
Diffstat (limited to 'source/kde/patch/kde-workspace/kde-workspace.shadow.changeset_r7777194da6154375fc8103b8c4e29e385cd7ae2e.diff')
-rw-r--r--source/kde/patch/kde-workspace/kde-workspace.shadow.changeset_r7777194da6154375fc8103b8c4e29e385cd7ae2e.diff92
1 files changed, 92 insertions, 0 deletions
diff --git a/source/kde/patch/kde-workspace/kde-workspace.shadow.changeset_r7777194da6154375fc8103b8c4e29e385cd7ae2e.diff b/source/kde/patch/kde-workspace/kde-workspace.shadow.changeset_r7777194da6154375fc8103b8c4e29e385cd7ae2e.diff
new file mode 100644
index 000000000..dbb4614c2
--- /dev/null
+++ b/source/kde/patch/kde-workspace/kde-workspace.shadow.changeset_r7777194da6154375fc8103b8c4e29e385cd7ae2e.diff
@@ -0,0 +1,92 @@
+commit 7777194da6154375fc8103b8c4e29e385cd7ae2e
+Author: Michael Pyne <mpyne@kde.org>
+Date: Sat Jun 29 16:13:20 2013 -0400
+
+ kdm, kcheckpass: Check for NULL return from crypt(3) and friends.
+
+ Potential issue noted and fixed by Mancha <mancha1@hush.com>.
+
+ Patch reviewed by myself and ossi. Review request was closed out by the
+ backport commit.
+
+diff --git a/kcheckpass/checkpass_etcpasswd.c b/kcheckpass/checkpass_etcpasswd.c
+index 1dbe06f..e261b7c 100644
+--- a/kcheckpass/checkpass_etcpasswd.c
++++ b/kcheckpass/checkpass_etcpasswd.c
+@@ -35,6 +35,7 @@ AuthReturn Authenticate(const char *method,
+ {
+ struct passwd *pw;
+ char *passwd;
++ char *crpt_passwd;
+
+ if (strcmp(method, "classic"))
+ return AuthError;
+@@ -49,7 +50,7 @@ AuthReturn Authenticate(const char *method,
+ if (!(passwd = conv(ConvGetHidden, 0)))
+ return AuthAbort;
+
+- if (!strcmp(pw->pw_passwd, crypt(passwd, pw->pw_passwd))) {
++ if ((crpt_passwd = crypt(passwd, pw->pw_passwd)) && !strcmp(pw->pw_passwd, crpt_passwd)) {
+ dispose(passwd);
+ return AuthOk; /* Success */
+ }
+diff --git a/kcheckpass/checkpass_osfc2passwd.c b/kcheckpass/checkpass_osfc2passwd.c
+index 9a074f9..d181233 100644
+--- a/kcheckpass/checkpass_osfc2passwd.c
++++ b/kcheckpass/checkpass_osfc2passwd.c
+@@ -38,6 +38,7 @@ AuthReturn Authenticate(const char *method,
+ const char *login, char *(*conv) (ConvRequest, const char *))
+ {
+ char *passwd;
++ char *crpt_passwd;
+ char c2passwd[256];
+
+ if (strcmp(method, "classic"))
+@@ -52,7 +53,7 @@ AuthReturn Authenticate(const char *method,
+ if (!(passwd = conv(ConvGetHidden, 0)))
+ return AuthAbort;
+
+- if (!strcmp(c2passwd, osf1c2crypt(passwd, c2passwd))) {
++ if ((crpt_passwd = osf1c2crypt(passwd, c2passwd)) && !strcmp(c2passwd, crpt_passwd)) {
+ dispose(passwd);
+ return AuthOk; /* Success */
+ }
+diff --git a/kcheckpass/checkpass_shadow.c b/kcheckpass/checkpass_shadow.c
+index ec3a4e0..c0f6913 100644
+--- a/kcheckpass/checkpass_shadow.c
++++ b/kcheckpass/checkpass_shadow.c
+@@ -69,7 +69,7 @@ AuthReturn Authenticate(const char *method,
+ crpt_passwd = crypt(typed_in_password, password);
+ #endif
+
+- if (!strcmp(password, crpt_passwd )) {
++ if (crpt_passwd && !strcmp(password, crpt_passwd )) {
+ dispose(typed_in_password);
+ return AuthOk; /* Success */
+ }
+diff --git a/kdm/backend/client.c b/kdm/backend/client.c
+index bdff6da..26bb0b4 100644
+--- a/kdm/backend/client.c
++++ b/kdm/backend/client.c
+@@ -540,6 +540,9 @@ verify(GConvFunc gconv, int rootok)
+ # if defined(HAVE_STRUCT_PASSWD_PW_EXPIRE) || defined(USESHADOW)
+ int tim, expir, warntime, quietlog;
+ # endif
++# if !defined(ultrix) && !defined(__ultrix__) && (defined(HAVE_PW_ENCRYPT) || defined(HAVE_CRYPT))
++ char *crpt_passwd;
++# endif
+ #endif
+
+ debug("verify ...\n");
+@@ -752,9 +755,9 @@ verify(GConvFunc gconv, int rootok)
+ # if defined(ultrix) || defined(__ultrix__)
+ if (authenticate_user(p, curpass, 0) < 0)
+ # elif defined(HAVE_PW_ENCRYPT)
+- if (strcmp(pw_encrypt(curpass, p->pw_passwd), p->pw_passwd))
++ if (!(crpt_passwd = pw_encrypt(curpass, p->pw_passwd)) || strcmp(crpt_passwd, p->pw_passwd))
+ # elif defined(HAVE_CRYPT)
+- if (strcmp(crypt(curpass, p->pw_passwd), p->pw_passwd))
++ if (!(crpt_passwd = crypt(curpass, p->pw_passwd)) || strcmp(crpt_passwd, p->pw_passwd))
+ # else
+ if (strcmp(curpass, p->pw_passwd))
+ # endif