mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
s4:dsdb/password_hash: Add additional check for crypt() and crypt_r() failure
While crypt_rn() always returns a null pointer in the event of failure, crypt() and crypt_r() may instead return a string starting with the character '*'. This commit adds a check to detect failure in this case. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14621 Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
609ca65765
commit
0730b936d7
@ -1540,6 +1540,7 @@ static int setup_primary_userPassword_hash(
|
|||||||
* RHEL 7 behaviour.
|
* RHEL 7 behaviour.
|
||||||
*/
|
*/
|
||||||
errno = 0;
|
errno = 0;
|
||||||
|
|
||||||
#ifdef HAVE_CRYPT_RN
|
#ifdef HAVE_CRYPT_RN
|
||||||
hash = crypt_rn((char *)io->n.cleartext_utf8->data,
|
hash = crypt_rn((char *)io->n.cleartext_utf8->data,
|
||||||
cmd,
|
cmd,
|
||||||
@ -1554,7 +1555,11 @@ static int setup_primary_userPassword_hash(
|
|||||||
*/
|
*/
|
||||||
hash = crypt((char *)io->n.cleartext_utf8->data, cmd);
|
hash = crypt((char *)io->n.cleartext_utf8->data, cmd);
|
||||||
#endif
|
#endif
|
||||||
if (hash == NULL) {
|
/*
|
||||||
|
* On error, crypt() and crypt_r() may return a null pointer,
|
||||||
|
* or a pointer to an invalid hash beginning with a '*'.
|
||||||
|
*/
|
||||||
|
if (hash == NULL || hash[0] == '*') {
|
||||||
char buf[1024];
|
char buf[1024];
|
||||||
int err = strerror_r(errno, buf, sizeof(buf));
|
int err = strerror_r(errno, buf, sizeof(buf));
|
||||||
if (err != 0) {
|
if (err != 0) {
|
||||||
|
Loading…
Reference in New Issue
Block a user