diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2017-10-25 18:42:45 +0300 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2017-10-25 18:44:02 +0300 |
commit | ed02e493c6cb9d2ced5503e37369daf7cd87064d (patch) | |
tree | 60e3f132bd7531d2d6472726d8928a7f51747911 | |
parent | b1c79452b9f4cfe5ad432a7757f16d64e7050830 (diff) | |
download | vmod-basicauth-ed02e493c6cb9d2ced5503e37369daf7cd87064d.tar.gz vmod-basicauth-ed02e493c6cb9d2ced5503e37369daf7cd87064d.tar.bz2 |
Check for NULL returns from crypt, crypt_r and apr_md5_encode
-rw-r--r-- | NEWS | 2 | ||||
-rw-r--r-- | configure.ac | 2 | ||||
-rw-r--r-- | src/vmod_basicauth.c | 15 |
3 files changed, 13 insertions, 6 deletions
@@ -6,3 +6,3 @@ Please send Vmod-basicauth bug reports to <gray@gnu.org> -Version 1.5.90 (Git) +Version 1.5.91 (Git) diff --git a/configure.ac b/configure.ac index bf33983..20d9827 100644 --- a/configure.ac +++ b/configure.ac @@ -16,3 +16,3 @@ AC_PREREQ(2.69) -AC_INIT([vmod-basicauth], 1.5.90, [gray@gnu.org]) +AC_INIT([vmod-basicauth], 1.5.91, [gray@gnu.org]) AC_CONFIG_AUX_DIR([build-aux]) diff --git a/src/vmod_basicauth.c b/src/vmod_basicauth.c index 943fba9..d106afd 100644 --- a/src/vmod_basicauth.c +++ b/src/vmod_basicauth.c @@ -109,8 +109,14 @@ crypt_match(const char *pass, const char *hash, struct vmod_priv *priv) { - int res; + int res = 1; + char *cp; + #ifdef HAVE_CRYPT_R - res = strcmp(crypt_r(pass, hash, &get_priv_data(priv)->cdat), hash); + cp = crypt_r(pass, hash, &get_priv_data(priv)->cdat); + if (cp) + res = strcmp(cp, hash); #else pthread_mutex_lock(&pass_mutex); - res = strcmp(crypt(pass, hash), hash); + cp = crypt(pass, hash); + if (cp) + res = strcmp(cp, hash); pthread_mutex_unlock(&pass_mutex); @@ -130,3 +136,4 @@ apr_match(const char *pass, const char *hash, struct vmod_priv *priv) char buf[120]; - return strcmp(apr_md5_encode(pass, hash, buf, sizeof(buf)), hash); + char *cp = apr_md5_encode(pass, hash, buf, sizeof(buf)); + return cp ? strcmp(cp, hash) : 1; } |