From 9b5f70b93e038df5446bd37a4adac5a0380748e7 Mon Sep 17 00:00:00 2001 From: johannes Date: Wed, 21 Feb 2018 23:57:11 +0100 Subject: [PATCH] crypt_checkpass: include HAVE_CRYPT_H definition, add NULL check Patch-Source: https://github.com/OpenSMTPD/OpenSMTPD/pull/835 --- openbsd-compat/crypt_checkpass.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/openbsd-compat/crypt_checkpass.c b/openbsd-compat/crypt_checkpass.c index dafd2dae..d10b3a57 100644 --- a/openbsd-compat/crypt_checkpass.c +++ b/openbsd-compat/crypt_checkpass.c @@ -1,5 +1,6 @@ /* OPENBSD ORIGINAL: lib/libc/crypt/cryptutil.c */ +#include "includes.h" #include #ifdef HAVE_CRYPT_H #include @@ -10,6 +11,8 @@ int crypt_checkpass(const char *pass, const char *goodhash) { + char *c; + if (goodhash == NULL) goto fail; @@ -17,7 +20,11 @@ crypt_checkpass(const char *pass, const char *goodhash) if (strlen(goodhash) == 0 && strlen(pass) == 0) return 0; - if (strcmp(crypt(pass, goodhash), goodhash) == 0) + c = crypt(pass, goodhash); + if (c == NULL) + goto fail; + + if (strcmp(c, goodhash) == 0) return 0; fail: