From: Stefan Fritsch Date: Fri, 5 Apr 2013 20:15:15 +0000 (+0000) Subject: fix htpasswd/htdbm brown paper bag bugs X-Git-Tag: 2.5.0-alpha~5617 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e84335b00da02b4b85031dcd029a4cdbe0492e1a;p=apache fix htpasswd/htdbm brown paper bag bugs - use the correct string to generate the hash from. PR 54735 - print error message instead of empty string while there, replace strdup + check for oom with apr_pstrdup git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1465115 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 070de15a62..502bdd2f0e 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,8 @@ -*- coding: utf-8 -*- Changes with Apache 2.5.0 + *) htpasswd, htdbm: Fix password generation. PR 54735. [Stefan Fritsch] + *) mod_dav: Improve error handling in dav_method_put(), add new dav_join_error() function. PR 54145. [Ben Reser ] diff --git a/support/htpasswd.c b/support/htpasswd.c index 0989fd81b3..84c1a204f9 100644 --- a/support/htpasswd.c +++ b/support/htpasswd.c @@ -253,7 +253,6 @@ static void check_args(int argc, const char *const argv[], int main(int argc, const char * const argv[]) { apr_file_t *fpw = NULL; - const char *errstr = NULL; char line[MAX_STRING_LEN]; char *pwfilename = NULL; char *user = NULL; @@ -345,7 +344,7 @@ int main(int argc, const char * const argv[]) if (!(mask & APHTP_DELUSER)) { i = mkrecord(&ctx, user); if (i != 0) { - apr_file_printf(errfile, "%s: %s" NL, argv[0], errstr); + apr_file_printf(errfile, "%s: %s" NL, argv[0], ctx.errstr); exit(i); } if (mask & APHTP_NOFILE) { diff --git a/support/passwd_common.c b/support/passwd_common.c index 7636835902..95612b70c3 100644 --- a/support/passwd_common.c +++ b/support/passwd_common.c @@ -113,17 +113,17 @@ void putline(apr_file_t *f, const char *l) int get_password(struct passwd_ctx *ctx) { + char buf[MAX_STRING_LEN + 1]; if (ctx->passwd_src == PW_STDIN) { - char *buf = ctx->out; apr_file_t *file_stdin; apr_size_t nread; if (apr_file_open_stdin(&file_stdin, ctx->pool) != APR_SUCCESS) { ctx->errstr = "Unable to read from stdin."; return ERR_GENERAL; } - if (apr_file_read_full(file_stdin, buf, ctx->out_len - 1, + if (apr_file_read_full(file_stdin, buf, sizeof(buf) - 1, &nread) != APR_EOF - || nread == ctx->out_len - 1) { + || nread == sizeof(buf) - 1) { goto err_too_long; } buf[nread] = '\0'; @@ -133,21 +133,24 @@ int get_password(struct passwd_ctx *ctx) buf[nread-2] = '\0'; } apr_file_close(file_stdin); + ctx->passwd = apr_pstrdup(ctx->pool, buf); } else { - char buf[MAX_STRING_LEN + 1]; apr_size_t bufsize = sizeof(buf); - if (apr_password_get("New password: ", ctx->out, &ctx->out_len) != 0) + if (apr_password_get("New password: ", buf, &bufsize) != 0) goto err_too_long; + ctx->passwd = apr_pstrdup(ctx->pool, buf); + bufsize = sizeof(buf); + buf[0] = '\0'; apr_password_get("Re-type new password: ", buf, &bufsize); - if (strcmp(ctx->out, buf) != 0) { + if (strcmp(ctx->passwd, buf) != 0) { ctx->errstr = "password verification error"; - memset(ctx->out, '\0', ctx->out_len); + memset(ctx->passwd, '\0', strlen(ctx->passwd)); memset(buf, '\0', sizeof(buf)); return ERR_PWMISMATCH; } - memset(buf, '\0', sizeof(buf)); } + memset(buf, '\0', sizeof(buf)); return 0; err_too_long: @@ -164,7 +167,6 @@ err_too_long: int mkhash(struct passwd_ctx *ctx) { char *pw; - char pwin[MAX_STRING_LEN]; char salt[16]; apr_status_t rv; int ret = 0; @@ -177,14 +179,11 @@ int mkhash(struct passwd_ctx *ctx) "Warning: Ignoring -C argument for this algorithm." NL); } - if (ctx->passwd != NULL) { - pw = ctx->passwd; - } - else { + if (ctx->passwd == NULL) { if ((ret = get_password(ctx)) != 0) return ret; - pw = pwin; } + pw = ctx->passwd; switch (ctx->alg) { case ALG_APSHA: @@ -224,9 +223,7 @@ int mkhash(struct passwd_ctx *ctx) apr_cpystrn(ctx->out, cbuf, ctx->out_len - 1); if (strlen(pw) > 8) { - char *truncpw = strdup(pw); - if (truncpw == NULL) - abort_on_oom(0); + char *truncpw = apr_pstrdup(ctx->pool, pw); truncpw[8] = '\0'; if (!strcmp(ctx->out, crypt(truncpw, salt))) { apr_file_printf(errfile, "Warning: Password truncated to 8 "