From 9646444e89751c81cac98fa35d5785f497b379c9 Mon Sep 17 00:00:00 2001
From: Nathan Neulinger <nneul@neulinger.org>
Date: Fri, 4 Feb 2005 19:57:04 +0000
Subject: [PATCH] *** empty log message ***

git-svn-id: file:///tmp/cracklib-svn/trunk/cracklib@12 4175fe1e-86d5-4fdc-8e6a-506fab9d8533
---
 ChangeLog            |  6 ++++
 Makefile.am          |  6 ++--
 lib/fascist.c        |  1 +
 lib/packlib.c        | 68 +++++++++++++++++++++++++++++++++++---------
 test-data            |  1 +
 util/cracklib-format |  4 ++-
 6 files changed, 69 insertions(+), 17 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index fcfa0b4..b2762f7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2005-02-04:
+    * Corrected problems with invalid binary search behavior and resulting segfaults due to index read failures
+    * Changed index build to include symbols and other non-alpha characters
+
 2005-02-03:
     * Started initial repackaging of v2.7 in preparation for auto'ifying
       the build process.
+
+
diff --git a/Makefile.am b/Makefile.am
index 5acac45..d0c4b96 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -7,8 +7,8 @@ EXTRA_DIST = 	\
 		README-WORDS \
 		test-data
 
-test:
-	util/testcheck < test-data
+test: all
+	util/cracklib-check < test-data
 
-dict:
+dict: all
 	PATH="./util:$$PATH" ./util/create-cracklib-dict dicts/*
diff --git a/lib/fascist.c b/lib/fascist.c
index 2f5297a..47a014c 100644
--- a/lib/fascist.c
+++ b/lib/fascist.c
@@ -819,5 +819,6 @@ FascistCheck(password, path)
 	strncpy(lastpath, path, STRINGSIZE);
     }
 
+    /* sure seems like we should close the database, since we're only likely to check one password */
     return (FascistLook(pwp, pwtrunced));
 }
diff --git a/lib/packlib.c b/lib/packlib.c
index 0bcb92d..98402e8 100644
--- a/lib/packlib.c
+++ b/lib/packlib.c
@@ -105,10 +105,18 @@ PWOpen(prefix, mode)
 
 	if (pdesc.flags & PFOR_USEHWMS)
 	{
+            int i;
+
 	    if (fread(pdesc.hwms, 1, sizeof(pdesc.hwms), wfp) != sizeof(pdesc.hwms))
 	    {
 		pdesc.flags &= ~PFOR_USEHWMS;
 	    }
+#if 0
+            for (i=1; i<=0xff; i++)
+            {
+                printf("hwm[%02x] = %d\n", i, pdesc.hwms[i]);
+            }
+#endif
 	}
     }
 
@@ -151,7 +159,7 @@ PWClose(pwp)
 	    	{
 	    	    pwp->hwms[i] = pwp->hwms[i-1];
 	    	}
-#ifdef DEBUG
+#if 0
 	    	printf("hwm[%02x] = %d\n", i, pwp->hwms[i]);
 #endif
 	    }
@@ -249,12 +257,12 @@ GetPW(pwp, number)
 
     if (prevblock == thisblock)
     {
+#if 0
+	fprintf(stderr, "returning (%s)\n", data[number % NUMWORDS]);
+#endif
 	return (data[number % NUMWORDS]);
     }
 
-fprintf(stderr, "seek to %d for block %d lookup number %d\n", sizeof(struct pi_header) + (thisblock * sizeof(int32)), 
-	thisblock, number);
-
     if (fseek(pwp->ifp, sizeof(struct pi_header) + (thisblock * sizeof(int32)), 0))
     {
 	perror("(index fseek failed)");
@@ -312,46 +320,80 @@ FindPW(pwp, string)
     register char *this;
     int idx;
 
+#if 0
+fprintf(stderr, "look for (%s)\n", string);
+#endif
+
     if (pwp->flags & PFOR_USEHWMS)
     {
 	idx = string[0] & 0xff;
     	lwm = idx ? pwp->hwms[idx - 1] : 0;
     	hwm = pwp->hwms[idx];
+
+#if 0
+	fprintf(stderr, "idx = %d\n", idx);
+	fprintf(stderr, "lwm = %d,  hwm = %d\n", lwm, hwm);
+#endif
     } else
     {
     	lwm = 0;
     	hwm = PW_WORDS(pwp) - 1;
     }
 
-#ifdef DEBUG
-    printf("---- %lu, %lu ----\n", lwm, hwm);
+    /* if the high water mark is lower than the low water mark, something is screwed up */
+    if ( hwm < lwm )
+    {
+	lwm = 0;
+	hwm = PW_WORDS(pwp) - 1;
+    }
+
+#if 0
+    fprintf(stderr, "---- %lu, %lu ----\n", lwm, hwm);
 #endif
 
     for (;;)
     {
 	int cmp;
 
-#ifdef DEBUG
-	printf("%lu, %lu\n", lwm, hwm);
-#endif
-
 	middle = lwm + ((hwm - lwm + 1) / 2);
 
+#if 0
+	fprintf(stderr, "lwm = %lu,  middle = %lu,  hwm = %lu\n", lwm, middle, hwm);
+#endif
+
 	if (middle == hwm)
 	{
+#if 0
+	    fprintf(stderr, "at terminal subdivision, breaking loop\n");
+#endif
 	    break;
 	}
 
 	this = GetPW(pwp, middle);
-	cmp = strcmp(string, this);		/* INLINE ? */
+	if ( ! this )
+	{
+#if 0
+		fprintf(stderr, "getpw returned null, returning null in FindPW\n");
+#endif
+		return(PW_WORDS(pwp));
+	}
+	else
+	{
+#if 0
+		fprintf(stderr, "comparing %s against found %s\n", string, this);
+#endif
+	}
 
+	cmp = strcmp(string, this);
 	if (cmp < 0)
 	{
 	    hwm = middle;
-	} else if (cmp > 0)
+	} 
+	else if (cmp > 0)
 	{
 	    lwm = middle;
-	} else
+	} 
+	else
 	{
 	    return (middle);
 	}
diff --git a/test-data b/test-data
index f58e3e2..feecd7b 100644
--- a/test-data
+++ b/test-data
@@ -1,3 +1,4 @@
+antzer
 G@ndalf
 neulinger
 lantzer
diff --git a/util/cracklib-format b/util/cracklib-format
index 01238a1..2f40dc1 100644
--- a/util/cracklib-format
+++ b/util/cracklib-format
@@ -3,9 +3,11 @@
 # This preprocesses a set of word lists into a suitable form for input
 # into cracklib-packer
 #
+# removed this, cause it seems like the database should also include special chars and symbols for optimum results
+#    tr -cd '\012[a-z][0-9]' |
+#
 gzip -cdf $* |
     tr '[A-Z]' '[a-z]' |
-    tr -cd '\012[a-z][0-9]' |
     sort |
     uniq |
     grep -v '^#' |
-- 
2.40.0