You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@apr.apache.org by rp...@apache.org on 2009/05/28 04:05:35 UTC

svn commit: r779396 - /apr/apr/trunk/crypto/apr_md5.c

Author: rpluem
Date: Thu May 28 02:05:35 2009
New Revision: 779396

URL: http://svn.apache.org/viewvc?rev=779396&view=rev
Log:
* Failing crypt can cause a segfault. Check for result of crypt to avoid this.

PR: 47272
Submitted by: Arkadiusz Miskiewicz <arekm pld-linux.org>
Reviewed by: rpluem

Modified:
    apr/apr/trunk/crypto/apr_md5.c

Modified: apr/apr/trunk/crypto/apr_md5.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_md5.c?rev=779396&r1=779395&r2=779396&view=diff
==============================================================================
--- apr/apr/trunk/crypto/apr_md5.c (original)
+++ apr/apr/trunk/crypto/apr_md5.c Thu May 28 02:05:35 2009
@@ -721,6 +721,9 @@
         CRYPTD buffer;
 
         crypt_pw = crypt_r(passwd, hash, &buffer);
+        if (!crypt_pw) {
+            return APR_EMISMATCH;
+        }
         apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1);
 #elif defined(CRYPT_R_STRUCT_CRYPT_DATA)
         struct crypt_data buffer;
@@ -732,6 +735,9 @@
          */
         memset(&buffer, 0, sizeof(buffer));
         crypt_pw = crypt_r(passwd, hash, &buffer);
+        if (!crypt_pw) {
+            return APR_EMISMATCH;
+        }
         apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1);
 #else
         /* Do a bit of sanity checking since we know that crypt_r()
@@ -748,6 +754,10 @@
          */
         crypt_mutex_lock();
         crypt_pw = crypt(passwd, hash);
+        if (!crypt_pw) {
+            crypt_mutex_unlock();
+            return APR_EMISMATCH;
+        }
         apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1);
         crypt_mutex_unlock();
 #endif