Add checks for crypt() returning NULL.
authorTomas Mraz <tmraz@fedoraproject.org>
Fri, 8 Feb 2013 14:04:26 +0000 (15:04 +0100)
committerTomas Mraz <tmraz@fedoraproject.org>
Fri, 8 Feb 2013 14:04:26 +0000 (15:04 +0100)
modules/pam_pwhistory/opasswd.c (compare_password): Add check for crypt() NULL return.
modules/pam_unix/bigcrypt.c (bigcrypt): Likewise.

modules/pam_pwhistory/opasswd.c
modules/pam_unix/bigcrypt.c

index 274fdb928a9906e67c7a2262200cbb4c52183bd5..836d713ea76e4d7f0128921074dc4c5f4fdde50e 100644 (file)
@@ -108,7 +108,7 @@ compare_password(const char *newpass, const char *oldpass)
   outval = crypt (newpass, oldpass);
 #endif
 
-  return strcmp(outval, oldpass) == 0;
+  return outval != NULL && strcmp(outval, oldpass) == 0;
 }
 
 /* Check, if the new password is already in the opasswd file.  */
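Review bot: With the new `outval != NULL &&` guard, a crypt() failure makes compare_password() report "no match", which the caller cannot tell apart from a genuinely different password. For a password-history check that is the permissive outcome: a stored entry whose hash the local crypt() cannot process would presumably be skipped rather than enforced, though the caller is outside this hunk. The return line should at least carry a comment such as `/* crypt() failure counts as "no match"; this history entry is not enforced */`, and the caller should decide whether that case ought to be logged or rejected. The function starts above the hunk, so the other preprocessor branch that sets `outval` is not visible here.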
index e10d1c5605ac5626335bc3a58a96843ae8e7ac68..e1d57a072c4bb563f6adc5b99ccda868f209bece 100644 (file)
@@ -109,6 +109,10 @@ char *bigcrypt(const char *key, const char *salt)
 #else
        tmp_ptr = crypt(plaintext_ptr, salt);   /* libc crypt() */
 #endif
+       if (tmp_ptr == NULL) {
+               free(dec_c2_cryptbuf);
+               return NULL;
+       }
        /* and place in the static area */
        strncpy(cipher_ptr, tmp_ptr, 13);
        cipher_ptr += ESEGMENT_SIZE + SALT_SIZE;
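Review bot: The early return added after the first crypt() call frees `dec_c2_cryptbuf` without clearing it, while the matching return in the later hunk (inside the per-segment loop) calls `_pam_overwrite(dec_c2_cryptbuf);` first. The two exits should be identical, so add that line before `free()` here. Both exits also bypass whatever cleanup the normal return path performs. The branch before `#else` and the rest of bigcrypt() are outside the hunk, so if that branch allocates state for the crypt call, or the function holds a local copy of the key, those need releasing and clearing on these paths too. A single `goto` cleanup label would keep the exits from drifting apart.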
@@ -130,6 +134,11 @@ char *bigcrypt(const char *key, const char *salt)
 #else
                        tmp_ptr = crypt(plaintext_ptr, salt_ptr);
 #endif
+                       if (tmp_ptr == NULL) {
+                               _pam_overwrite(dec_c2_cryptbuf);
+                               free(dec_c2_cryptbuf);
+                               return NULL;
+                       }
 
                        /* skip the salt for seg!=0 */
                        strncpy(cipher_ptr, (tmp_ptr + SALT_SIZE), ESEGMENT_SIZE);
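Review bot: bigcrypt() now returns NULL when crypt() fails, both here and at the earlier return after the first segment, and no caller is updated in this commit. The callers are outside the diff; any that passes the result straight to a string comparison would turn a crypt() failure into a NULL dereference in the authentication path. Each one should be checked for a `!= NULL` test like the one added to compare_password(). The function's header comment should also state the contract, e.g. `/* Returns NULL if crypt() fails. */`. bigcrypt() continues past the end of this hunk.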