diff options
| author | Tomas Mraz <tmraz@fedoraproject.org> | 2011-06-02 21:53:55 +0200 |
|---|---|---|
| committer | Tomas Mraz <tmraz@fedoraproject.org> | 2011-06-02 21:53:55 +0200 |
| commit | 48590abce86b34e55c84f71424449f16d285eaf2 (patch) | |
| tree | d5bbf32f2d481fbfd9081dd2bbeb8aae0abc3f59 | |
| parent | be52e613145564d55becf220111c0c81038eb7f6 (diff) | |
Guards for memory allocation errors in pam_cracklib module.
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | modules/pam_cracklib/pam_cracklib.c | 38 |
2 files changed, 32 insertions, 10 deletions
@@ -9,6 +9,10 @@ * modules/pam_namespace/pam_namespace.8.xml: Document the mount_private option. + * modules/pam_cracklib/pam_cracklib.c (str_lower): Make it no-op + on NULL strings. + (password_check): Guard for NULLs returned from memory allocation. + 2011-05-30 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_timestamp/pam_timestamp.c (main): Remove unsused diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c index 2e911261..1955b83f 100644 --- a/modules/pam_cracklib/pam_cracklib.c +++ b/modules/pam_cracklib/pam_cracklib.c @@ -473,6 +473,9 @@ static char * str_lower(char *string) { char *cp; + if (!string) + return NULL; + for (cp = string; *cp; cp++) *cp = tolower(*cp); return string; @@ -492,15 +495,26 @@ static const char *password_check(struct cracklib_options *opt, } newmono = str_lower(x_strdup(new)); + if (!newmono) + msg = _("memory allocation error"); + usermono = str_lower(x_strdup(user)); - if (old) { - oldmono = str_lower(x_strdup(old)); - wrapped = malloc(strlen(oldmono) * 2 + 1); - strcpy (wrapped, oldmono); - strcat (wrapped, oldmono); + if (!usermono) + msg = _("memory allocation error"); + + if (!msg && old) { + oldmono = str_lower(x_strdup(old)); + if (oldmono) + wrapped = malloc(strlen(oldmono) * 2 + 1); + if (wrapped) { + strcpy (wrapped, oldmono); + strcat (wrapped, oldmono); + } else { + msg = _("memory allocation error"); + } } - if (palindrome(newmono)) + if (!msg && palindrome(newmono)) msg = _("is a palindrome"); if (!msg && oldmono && strcmp(oldmono, newmono) == 0) @@ -524,13 +538,17 @@ static const char *password_check(struct cracklib_options *opt, if (!msg && usercheck(opt, newmono, usermono)) msg = _("contains the user name in some form"); - memset(newmono, 0, strlen(newmono)); - free(newmono); free(usermono); - if (old) { + if (newmono) { + memset(newmono, 0, strlen(newmono)); + free(newmono); + } + if (oldmono) { memset(oldmono, 0, strlen(oldmono)); - memset(wrapped, 0, strlen(wrapped)); free(oldmono); + } + if (wrapped) { + memset(wrapped, 0, strlen(wrapped)); free(wrapped); } |