You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by sf...@apache.org on 2012/07/16 22:40:13 UTC

svn commit: r1362243 - in /apr/apr-util/branches/1.5.x: ./ crypto/apr_passwd.c

Author: sf
Date: Mon Jul 16 20:40:12 2012
New Revision: 1362243

URL: http://svn.apache.org/viewvc?rev=1362243&view=rev
Log:
Merge r1362241:

Avoid copying the hashed password to a temp buffer, if possible.

Noted by Jason Ovich <jasonovich mailfish de>
PR: 53410

Modified:
    apr/apr-util/branches/1.5.x/   (props changed)
    apr/apr-util/branches/1.5.x/crypto/apr_passwd.c

Propchange: apr/apr-util/branches/1.5.x/
------------------------------------------------------------------------------
  Merged /apr/apr/trunk:r1362241

Modified: apr/apr-util/branches/1.5.x/crypto/apr_passwd.c
URL: http://svn.apache.org/viewvc/apr/apr-util/branches/1.5.x/crypto/apr_passwd.c?rev=1362243&r1=1362242&r2=1362243&view=diff
==============================================================================
--- apr/apr-util/branches/1.5.x/crypto/apr_passwd.c (original)
+++ apr/apr-util/branches/1.5.x/crypto/apr_passwd.c Mon Jul 16 20:40:12 2012
@@ -98,7 +98,7 @@ APU_DECLARE(apr_status_t) apr_password_v
          * It's not our algorithm, so feed it to crypt() if possible.
          */
 #if defined(WIN32) || defined(BEOS) || defined(NETWARE)
-        apr_cpystrn(sample, passwd, sizeof(sample) - 1);
+        return (strcmp(passwd, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
 #elif defined(CRYPT_R_CRYPTD)
         CRYPTD buffer;
 
@@ -106,7 +106,7 @@ APU_DECLARE(apr_status_t) apr_password_v
         if (!crypt_pw) {
             return APR_EMISMATCH;
         }
-        apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1);
+        return (strcmp(crypt_pw, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
 #elif defined(CRYPT_R_STRUCT_CRYPT_DATA)
         struct crypt_data buffer;
 
@@ -123,7 +123,7 @@ APU_DECLARE(apr_status_t) apr_password_v
         if (!crypt_pw) {
             return APR_EMISMATCH;
         }
-        apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1);
+        return (strcmp(crypt_pw, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
 #else
         /* Do a bit of sanity checking since we know that crypt_r()
          * should always be used for threaded builds on AIX, and
@@ -143,8 +143,8 @@ APU_DECLARE(apr_status_t) apr_password_v
             crypt_mutex_unlock();
             return APR_EMISMATCH;
         }
-        apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1);
         crypt_mutex_unlock();
+        return (strcmp(crypt_pw, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
 #endif
     }
     return (strcmp(sample, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;