Diffstat (limited to 'Linux-PAM/modules/pam_unix/support.c')
-rw-r--r--Linux-PAM/modules/pam_unix/support.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/Linux-PAM/modules/pam_unix/support.c b/Linux-PAM/modules/pam_unix/support.c
index 954f2c73..fc95f2c0 100644
--- a/Linux-PAM/modules/pam_unix/support.c
+++ b/Linux-PAM/modules/pam_unix/support.c
@@ -679,7 +679,7 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
}
}
} else {
- int salt_len = strlen(salt);
+ size_t salt_len = strlen(salt);
if (!salt_len) {
/* the stored password is NULL */
if (off(UNIX__NONULL, ctrl)) {/* this means we've succeeded */
@@ -689,19 +689,19 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
D(("user has empty password - access denied"));
retval = PAM_AUTH_ERR;
}
- } else if (!p || (*salt == '*')) {
+ } else if (!p || *salt == '*' || *salt == '!') {
retval = PAM_AUTH_ERR;
} else {
if (!strncmp(salt, "$1$", 3)) {
pp = Goodcrypt_md5(p, salt);
- if (strcmp(pp, salt) != 0) {
+ if (pp && strcmp(pp, salt) != 0) {
_pam_delete(pp);
pp = Brokencrypt_md5(p, salt);
}
} else if (*salt != '$' && salt_len >= 13) {
pp = bigcrypt(p, salt);
- if (strlen(pp) > salt_len) {
- pp[salt_len] = '\0';
+ if (pp && salt_len == 13 && strlen(pp) > salt_len) {
+ _pam_overwrite(pp + salt_len);
}
} else {
/*
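Review bot: The new `salt_len == 13` condition in the bigcrypt branch carries the security meaning of this change but has no comment explaining it. Before, the computed hash was cut to the stored length for any `salt_len >= 13`, so a stored value longer than 13 characters was matched only on a prefix of the bigcrypt output. Now truncation happens only for a plain 13-character DES hash, and longer stored hashes must match in full. I would add above the `if` something like `/* stored hash is a classic 13-char crypt(): keep only the first block of the bigcrypt result and wipe the tail */`, which also records that `_pam_overwrite(pp + salt_len)` is relied on to terminate the string at that offset. The enclosing function starts and ends outside this hunk.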
@@ -715,7 +715,7 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
/* the moment of truth -- do we agree with the password? */
D(("comparing state of pp[%s] and salt[%s]", pp, salt));
- if (strcmp(pp, salt) == 0) {
+ if (pp && strcmp(pp, salt) == 0) {
retval = PAM_SUCCESS;
} else {
retval = PAM_AUTH_ERR;
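Review bot: The debug line `D(("comparing state of pp[%s] and salt[%s]", pp, salt));` still passes `pp` to `%s` ahead of the new `pp &&` guard, although this commit now treats `pp` as possibly NULL. Where `D()` is compiled in (presumably debug builds only), a NULL argument for `%s` is undefined behaviour; `pp ? pp : "(null)"` in that call would keep it consistent with the guard. The same line writes both the computed and the stored hash to the debug output, so it may be better to log only whether they matched. The rest of `_unix_verify_password` is outside this hunk.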