Check for crypt() failure returning NULL.

* modules/pam_unix/pam_unix_passwd.c (pam_sm_chauthtok): Adjust syslog message.
* modules/pam_unix/passverify.c (create_password_hash): Check for crypt()
returning NULL.

diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
index e9059d3c3593e42e4da395cf27f09c607f21206c..9e1302d5db8efb0e280b64f8d2d47100884615a2 100644 (file)
--- a/modules/pam_unix/pam_unix_passwd.c
+++ b/modules/pam_unix/pam_unix_passwd.c
@@ -800,7 +800,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv)
                tpass = create_password_hash(pamh, pass_new, ctrl, rounds);
                if (tpass == NULL) {
                        pam_syslog(pamh, LOG_CRIT,
-                               "out of memory for password");
+                               "crypt() failure or out of memory for password");
                        pass_new = pass_old = NULL;     /* tidy up */
                        unlock_pwdf();
                        return PAM_BUF_ERR;

diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index 52899552d6e42d20313913a7436b1f7d4bd6ee98..4840bb2dcd8c0c96dcf971cd971d365eaca46235 100644 (file)
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -424,7 +424,7 @@ PAMH_ARG_DECL(char * create_password_hash,
        }
 #endif
        sp = crypt(password, salt);
-       if (strncmp(algoid, sp, strlen(algoid)) != 0) {
+       if (!sp || strncmp(algoid, sp, strlen(algoid)) != 0) {
                /* libxcrypt/libc doesn't know the algorithm, use MD5 */
                pam_syslog(pamh, LOG_ERR,
                           "Algo %s not supported by the crypto backend, "
@@ -432,7 +432,9 @@ PAMH_ARG_DECL(char * create_password_hash,
                           on(UNIX_BLOWFISH_PASS, ctrl) ? "blowfish" :
                           on(UNIX_SHA256_PASS, ctrl) ? "sha256" :
                           on(UNIX_SHA512_PASS, ctrl) ? "sha512" : algoid);
-               memset(sp, '\0', strlen(sp));
+               if(sp) {
+                  memset(sp, '\0', strlen(sp));
+               }
                return crypt_md5_wrapper(password);
        }