outval = crypt (newpass, oldpass);
#endif
- return strcmp(outval, oldpass) == 0;
+ return outval != NULL && strcmp(outval, oldpass) == 0;
}
/* Check, if the new password is already in the opasswd file. */
#else
tmp_ptr = crypt(plaintext_ptr, salt); /* libc crypt() */
#endif
+ if (tmp_ptr == NULL) {
+ free(dec_c2_cryptbuf);
+ return NULL;
+ }
/* and place in the static area */
strncpy(cipher_ptr, tmp_ptr, 13);
cipher_ptr += ESEGMENT_SIZE + SALT_SIZE;
#else
tmp_ptr = crypt(plaintext_ptr, salt_ptr);
#endif
+ if (tmp_ptr == NULL) {
+ _pam_overwrite(dec_c2_cryptbuf);
+ free(dec_c2_cryptbuf);
+ return NULL;
+ }
/* skip the salt for seg!=0 */
strncpy(cipher_ptr, (tmp_ptr + SALT_SIZE), ESEGMENT_SIZE);