Handle NULL return from crypt(3). Mostly from DragonFly

author: kevlo <kevlo@FreeBSD.org> 2012-02-22 06:27:20 +0000
committer: kevlo <kevlo@FreeBSD.org> 2012-02-22 06:27:20 +0000
commit: 1381e63d6caac1d5d064b60f6e2cb11bf0608e14 (patch)
tree: 456afe25d5d911e27dc003830e6ca01ed80dab54 /usr.sbin/rpc.yppasswdd
parent: 749a5f142f69ff02971e21c6dca8eab3f65d8de9 (diff)
download: FreeBSD-src-1381e63d6caac1d5d064b60f6e2cb11bf0608e14.zip
FreeBSD-src-1381e63d6caac1d5d064b60f6e2cb11bf0608e14.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/usr.sbin/rpc.yppasswdd/yppasswdd_server.c b/usr.sbin/rpc.yppasswdd/yppasswdd_server.c
index 446b130..0260e4c 100644
--- a/usr.sbin/rpc.yppasswdd/yppasswdd_server.c
+++ b/usr.sbin/rpc.yppasswdd/yppasswdd_server.c
@@ -460,6 +460,7 @@ yppasswdproc_update_1_svc(yppasswd *argp, struct svc_req *rqstp)
 	int passwd_changed = 0;
 	int shell_changed = 0;
 	int gecos_changed = 0;
+	char *cryptpw;
 	char *oldshell = NULL;
 	char *oldgecos = NULL;
 	char *passfile_hold;
@@ -537,8 +538,8 @@ yppasswdproc_update_1_svc(yppasswd *argp, struct svc_req *rqstp)
 
 	/* Step 2: check that the supplied oldpass is valid. */
 
-	if (strcmp(crypt(argp->oldpass, yp_password.pw_passwd),
-					yp_password.pw_passwd)) {
+	cryptpw = crypt(argp->oldpass, yp_password.pw_passwd);
+	if (cryptpw == NULL || strcmp(cryptpw, yp_password.pw_passwd)) {
 		yp_error("rejected change attempt -- bad password");
 		yp_error("client address: %s username: %s",
 			  inet_ntoa(rqhost->sin_addr),
author	kevlo <kevlo@FreeBSD.org>	2012-02-22 06:27:20 +0000
committer	kevlo <kevlo@FreeBSD.org>	2012-02-22 06:27:20 +0000
commit	1381e63d6caac1d5d064b60f6e2cb11bf0608e14 (patch)
tree	456afe25d5d911e27dc003830e6ca01ed80dab54 /usr.sbin/rpc.yppasswdd
parent	749a5f142f69ff02971e21c6dca8eab3f65d8de9 (diff)
download	FreeBSD-src-1381e63d6caac1d5d064b60f6e2cb11bf0608e14.zip FreeBSD-src-1381e63d6caac1d5d064b60f6e2cb11bf0608e14.tar.gz