From 0210ff58e8a3af7d1c574d382a26ebcf0c5df863 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Jun 20 2012 14:29:02 +0000 Subject: properly deal with crypt() returning NULL (#816250) --- diff --git a/cyrus-sasl-2.1.23-null-crypt.patch b/cyrus-sasl-2.1.23-null-crypt.patch new file mode 100644 index 0000000..52e30c7 --- /dev/null +++ b/cyrus-sasl-2.1.23-null-crypt.patch @@ -0,0 +1,86 @@ +diff -Naur cyrus-sasl-2.1.23-orig/pwcheck/pwcheck_getpwnam.c cyrus-sasl-2.1.23/pwcheck/pwcheck_getpwnam.c +--- cyrus-sasl-2.1.23-orig/pwcheck/pwcheck_getpwnam.c 1999-08-26 12:22:43.000000000 -0400 ++++ cyrus-sasl-2.1.23/pwcheck/pwcheck_getpwnam.c 2012-04-25 10:16:04.240783975 -0400 +@@ -31,7 +31,7 @@ + char *userid; + char *password; + { +- char* r; ++ char* r, *cryptbuf; + struct passwd *pwd; + + pwd = getpwnam(userid); +@@ -41,11 +41,13 @@ + else if (pwd->pw_passwd[0] == '*') { + r = "Account disabled"; + } +- else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) { +- r = "Incorrect password"; +- } + else { +- r = "OK"; ++ cryptbuf = crypt(password, pwd->pw_passwd); ++ if((cryptbuf == NULL) || (strcmp(pwd->pw_passwd, cryptbuf) != 0)) { ++ r = "Incorrect password"; ++ } else { ++ r = "OK"; ++ } + } + + endpwent(); +diff -Naur cyrus-sasl-2.1.23-orig/saslauthd/auth_getpwent.c cyrus-sasl-2.1.23/saslauthd/auth_getpwent.c +--- cyrus-sasl-2.1.23-orig/saslauthd/auth_getpwent.c 2009-04-28 11:09:18.000000000 -0400 ++++ cyrus-sasl-2.1.23/saslauthd/auth_getpwent.c 2012-04-25 10:06:01.329748386 -0400 +@@ -70,6 +70,7 @@ + { + /* VARIABLES */ + struct passwd *pw; /* pointer to passwd file entry */ ++ char *cryptbuf; + /* END VARIABLES */ + + pw = getpwnam(login); +@@ -79,7 +80,8 @@ + RETURN("NO"); + } + +- if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) { ++ cryptbuf = crypt(password, pw->pw_passwd); ++ if( (cryptbuf == NULL) || strcmp(pw->pw_passwd, cryptbuf)) { + RETURN("NO"); + } + +diff -Naur cyrus-sasl-2.1.23-orig/saslauthd/auth_shadow.c cyrus-sasl-2.1.23/saslauthd/auth_shadow.c +--- cyrus-sasl-2.1.23-orig/saslauthd/auth_shadow.c 2012-04-25 10:02:23.777487508 -0400 ++++ cyrus-sasl-2.1.23/saslauthd/auth_shadow.c 2012-04-25 10:12:53.727866162 -0400 +@@ -184,16 +184,16 @@ + * not returning any information about a login until we have validated + * the password. + */ +- cpw = strdup((const char *)crypt(password, sp->sp_pwdp)); ++ cpw = crypt(password, sp->sp_pwdp); ++ if(cpw == NULL) ++ RETURN("NO"); + if (strcmp(sp->sp_pwdp, cpw)) { + if (flags & VERBOSE) { + syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'", + sp->sp_pwdp, cpw); + } +- free(cpw); + RETURN("NO"); + } +- free(cpw); + + /* + * The following fields will be set to -1 if: +@@ -254,8 +254,9 @@ + } + RETURN("NO"); + } +- +- if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) { ++ ++ cpw = crypt(password, upw->upw_passwd); ++ if((cpw == NULL) || (strcmp(upw->upw_passwd, cpw) != 0)) { + if (flags & VERBOSE) { + syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s", + password, upw->upw_passwd); diff --git a/cyrus-sasl.spec b/cyrus-sasl.spec index 11547ee..301c17b 100644 --- a/cyrus-sasl.spec +++ b/cyrus-sasl.spec @@ -46,6 +46,8 @@ Patch39: cyrus-sasl-2.1.23-ntlm.patch Patch40: cyrus-sasl-2.1.23-rimap2.patch Patch41: cyrus-sasl-2.1.23-db5.patch Patch42: cyrus-sasl-2.1.23-relro.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=816250 +Patch43: cyrus-sasl-2.1.23-null-crypt.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: autoconf, automake, libtool, gdbm-devel, groff @@ -182,6 +184,7 @@ chmod -x include/*.h %patch40 -p1 -b .rimap2 %patch41 -p1 -b .db5 %patch42 -p1 -b .relro +%patch43 -p1 -b .null-crypt %build # FIXME - we remove these files directly so that we can avoid using the -f