From: Tomas Mraz <tmraz@fedoraproject.org>
Date: Thu, 2 Jun 2011 19:53:55 +0000 (+0200)
Subject: Guards for memory allocation errors in pam_cracklib module.
X-Git-Tag: v1.1.4~20
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=48590abce86b34e55c84f71424449f16d285eaf2;p=linux-pam

Guards for memory allocation errors in pam_cracklib module.
---

diff --git a/ChangeLog b/ChangeLog
index e91af88b..7af2a869 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -9,6 +9,10 @@
 	* modules/pam_namespace/pam_namespace.8.xml: Document the mount_private
 	option.
 
+	* modules/pam_cracklib/pam_cracklib.c (str_lower): Make it no-op
+	on NULL strings.
+	(password_check): Guard for NULLs returned from memory allocation.
+
 2011-05-30  Thorsten Kukuk  <kukuk@thkukuk.de>
 
 	* modules/pam_timestamp/pam_timestamp.c (main): Remove unsused
diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c
index 2e911261..1955b83f 100644
--- a/modules/pam_cracklib/pam_cracklib.c
+++ b/modules/pam_cracklib/pam_cracklib.c
@@ -473,6 +473,9 @@ static char * str_lower(char *string)
 {
 	char *cp;
 
+	if (!string)
+		return NULL;
+
 	for (cp = string; *cp; cp++)
 		*cp = tolower(*cp);
 	return string;
@@ -492,15 +495,26 @@ static const char *password_check(struct cracklib_options *opt,
 	}
 
 	newmono = str_lower(x_strdup(new));
+	if (!newmono)
+		msg = _("memory allocation error");
+
 	usermono = str_lower(x_strdup(user));
-	if (old) {
-	  oldmono = str_lower(x_strdup(old));
-	  wrapped = malloc(strlen(oldmono) * 2 + 1);
-	  strcpy (wrapped, oldmono);
-	  strcat (wrapped, oldmono);
+	if (!usermono)
+		msg = _("memory allocation error");
+
+	if (!msg && old) {
+		oldmono = str_lower(x_strdup(old));
+		if (oldmono)
+			wrapped = malloc(strlen(oldmono) * 2 + 1);
+		if (wrapped) {
+			strcpy (wrapped, oldmono);
+			strcat (wrapped, oldmono);
+		} else {
+			msg = _("memory allocation error");
+		}
 	}
 
-	if (palindrome(newmono))
+	if (!msg && palindrome(newmono))
 		msg = _("is a palindrome");
 
 	if (!msg && oldmono && strcmp(oldmono, newmono) == 0)
@@ -524,13 +538,17 @@ static const char *password_check(struct cracklib_options *opt,
 	if (!msg && usercheck(opt, newmono, usermono))
 	        msg = _("contains the user name in some form");
 
-	memset(newmono, 0, strlen(newmono));
-	free(newmono);
 	free(usermono);
-	if (old) {
+	if (newmono) {
+		memset(newmono, 0, strlen(newmono));
+		free(newmono);
+	}
+	if (oldmono) {
 	  memset(oldmono, 0, strlen(oldmono));
-	  memset(wrapped, 0, strlen(wrapped));
 	  free(oldmono);
+	}
+	if (wrapped) {
+	  memset(wrapped, 0, strlen(wrapped));
 	  free(wrapped);
 	}