Home Explore Help
Register Sign In
OWEALs
/
rpcd
mirror of https://git.openwrt.org/project/rpcd.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

session: handle NULL return values of crypt()

The crypt() function may return NULL with errno ENOSYS when an attempt
was made to crypt the plaintext password using a salt requesting an
unsupported cipher.

Avoid triggering segmentation faults in the subsequent strcmp() operation
by checking for a non-NULL hash value.

Fixes: FS#2291
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Jo-Philipp Wich 4 years ago
parent
d610800a0f
commit
569284a119
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      session.c

+ 1 - 1
session.c
View File 

@@ -822,7 +822,7 @@ rpc_login_test_password(const char *hash, const char *password)
 
 
 	crypt_hash = crypt(password, hash);
 
 
-	return !strcmp(crypt_hash, hash);
 
+	return (crypt_hash && !strcmp(crypt_hash, hash));
 
 }
 
 
 static struct uci_section *