Diffstat (limited to 'source/kde/patch/kde-workspace/kde-workspace.shadow.changeset_r7777194da6154375fc8103b8c4e29e385cd7ae2e.diff')
-rw-r--r-- | source/kde/patch/kde-workspace/kde-workspace.shadow.changeset_r7777194da6154375fc8103b8c4e29e385cd7ae2e.diff | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/source/kde/patch/kde-workspace/kde-workspace.shadow.changeset_r7777194da6154375fc8103b8c4e29e385cd7ae2e.diff b/source/kde/patch/kde-workspace/kde-workspace.shadow.changeset_r7777194da6154375fc8103b8c4e29e385cd7ae2e.diff
new file mode 100644
index 000000000..dbb4614c2
--- /dev/null
+++ b/source/kde/patch/kde-workspace/kde-workspace.shadow.changeset_r7777194da6154375fc8103b8c4e29e385cd7ae2e.diff
@@ -0,0 +1,92 @@
+commit 7777194da6154375fc8103b8c4e29e385cd7ae2e
+Author: Michael Pyne <mpyne@kde.org>
+Date: Sat Jun 29 16:13:20 2013 -0400
+
+ kdm, kcheckpass: Check for NULL return from crypt(3) and friends.
+
+ Potential issue noted and fixed by Mancha <mancha1@hush.com>.
+
+ Patch reviewed by myself and ossi. Review request was closed out by the
+ backport commit.
+
+diff --git a/kcheckpass/checkpass_etcpasswd.c b/kcheckpass/checkpass_etcpasswd.c
+index 1dbe06f..e261b7c 100644
+--- a/kcheckpass/checkpass_etcpasswd.c
++++ b/kcheckpass/checkpass_etcpasswd.c
+@@ -35,6 +35,7 @@ AuthReturn Authenticate(const char *method,
+ {
+ struct passwd *pw;
+ char *passwd;
++ char *crpt_passwd;
+
+ if (strcmp(method, "classic"))
+ return AuthError;
+@@ -49,7 +50,7 @@ AuthReturn Authenticate(const char *method,
+ if (!(passwd = conv(ConvGetHidden, 0)))
+ return AuthAbort;
+
+- if (!strcmp(pw->pw_passwd, crypt(passwd, pw->pw_passwd))) {
++ if ((crpt_passwd = crypt(passwd, pw->pw_passwd)) && !strcmp(pw->pw_passwd, crpt_passwd)) {
+ dispose(passwd);
+ return AuthOk; /* Success */
+ }
+diff --git a/kcheckpass/checkpass_osfc2passwd.c b/kcheckpass/checkpass_osfc2passwd.c
+index 9a074f9..d181233 100644
+--- a/kcheckpass/checkpass_osfc2passwd.c
++++ b/kcheckpass/checkpass_osfc2passwd.c
+@@ -38,6 +38,7 @@ AuthReturn Authenticate(const char *method,
+ const char *login, char *(*conv) (ConvRequest, const char *))
+ {
+ char *passwd;
++ char *crpt_passwd;
+ char c2passwd[256];
+
+ if (strcmp(method, "classic"))
+@@ -52,7 +53,7 @@ AuthReturn Authenticate(const char *method,
+ if (!(passwd = conv(ConvGetHidden, 0)))
+ return AuthAbort;
+
+- if (!strcmp(c2passwd, osf1c2crypt(passwd, c2passwd))) {
++ if ((crpt_passwd = osf1c2crypt(passwd, c2passwd)) && !strcmp(c2passwd, crpt_passwd)) {
+ dispose(passwd);
+ return AuthOk; /* Success */
+ }
+diff --git a/kcheckpass/checkpass_shadow.c b/kcheckpass/checkpass_shadow.c
+index ec3a4e0..c0f6913 100644
+--- a/kcheckpass/checkpass_shadow.c
++++ b/kcheckpass/checkpass_shadow.c
+@@ -69,7 +69,7 @@ AuthReturn Authenticate(const char *method,
+ crpt_passwd = crypt(typed_in_password, password);
+ #endif
+
+- if (!strcmp(password, crpt_passwd )) {
++ if (crpt_passwd && !strcmp(password, crpt_passwd )) {
+ dispose(typed_in_password);
+ return AuthOk; /* Success */
+ }
+diff --git a/kdm/backend/client.c b/kdm/backend/client.c
+index bdff6da..26bb0b4 100644
+--- a/kdm/backend/client.c
++++ b/kdm/backend/client.c
+@@ -540,6 +540,9 @@ verify(GConvFunc gconv, int rootok)
+ # if defined(HAVE_STRUCT_PASSWD_PW_EXPIRE) || defined(USESHADOW)
+ int tim, expir, warntime, quietlog;
+ # endif
++# if !defined(ultrix) && !defined(__ultrix__) && (defined(HAVE_PW_ENCRYPT) || defined(HAVE_CRYPT))
++ char *crpt_passwd;
++# endif
+ #endif
+
+ debug("verify ...\n");
+@@ -752,9 +755,9 @@ verify(GConvFunc gconv, int rootok)
+ # if defined(ultrix) || defined(__ultrix__)
+ if (authenticate_user(p, curpass, 0) < 0)
+ # elif defined(HAVE_PW_ENCRYPT)
+- if (strcmp(pw_encrypt(curpass, p->pw_passwd), p->pw_passwd))
++ if (!(crpt_passwd = pw_encrypt(curpass, p->pw_passwd)) || strcmp(crpt_passwd, p->pw_passwd))
+ # elif defined(HAVE_CRYPT)
+- if (strcmp(crypt(curpass, p->pw_passwd), p->pw_passwd))
++ if (!(crpt_passwd = crypt(curpass, p->pw_passwd)) || strcmp(crpt_passwd, p->pw_passwd))
+ # else
+ if (strcmp(curpass, p->pw_passwd))
+ # endif |
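Review bot: In all five rewritten comparisons a NULL from crypt(), osf1c2crypt() or pw_encrypt() is folded into the ordinary mismatch path with no comment and no diagnostic, so a stored hash the C library refuses to process is indistinguishable from a mistyped password. Failing closed is the right outcome, but crypt(3) sets errno when it returns NULL (glibc documents EINVAL for a malformed salt and EPERM for weak algorithms rejected in FIPS mode), and an account whose hash can never verify is something an administrator would want to see. I would keep the checks and add a comment at each site such as `/* crypt() returns NULL with errno set on an unusable salt; treated as a failed match */`; in kdm/backend/client.c, where `debug()` is already used in verify(), the NULL case could also report errno. The bodies of Authenticate() and verify() continue outside these hunks, so the failure path that follows each check is not visible here.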