Follow-up Comment #1, bug #39040 (project cvs):

@@ -5632,9 +5633,11 @@ check_repository_password (username, pas
        host_user_tmp = username;

    /* Verify blank passwords directly, otherwise use crypt(). */
+   crypt_passwd = crypt (password, found_password);
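
Review bot: the added crypt (password, found_password) assignment sits above the (found_password == NULL) test, so in the blank-password case it is called with a NULL salt, and it also separates the "Verify blank passwords directly" comment from the if that comment describes. Suggest guarding the assignment, for example crypt_passwd = found_password != NULL ? crypt (password, found_password) : NULL; and keeping the comment directly above the if.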

Do you think calling crypt(, NULL) is wise? The documentation does not describe
the behavior in this case. I would prefer to guard this call with a
(found_password != NULL) condition.


    if ((found_password == NULL)
-       || ((strcmp (found_password, crypt (password, found_password))
-        == 0)))
+       || (crypt_passwd != NULL
+               && (strcmp (found_password, crypt (password, found_password))
+           == 0)))
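
Review bot: in the strcmp line, the new (crypt_passwd != NULL) guard does not cover the value that is actually compared, because strcmp still receives the result of a second crypt (password, found_password) call, and that result is not checked for NULL. Pass the stored value instead: strcmp (found_password, crypt_passwd) == 0.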

Here you can replace the crypt() call with the already computed crypt_passwd
value.


    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?39040>
