Avoid segfault for locked accounts (invalid salt to crypt())

author: Matt Johnston <matt@ucc.asn.au> 2013-04-29 23:42:37 +0800
committer: Matt Johnston <matt@ucc.asn.au> 2013-04-29 23:42:37 +0800
commit: ad8ea1168f125b7ad7455c8b5151ec78bebbac63 (patch)
tree: 2d2e6bed6f4be72eacaa619c6acd9ab020c496e7 /svr-authpasswd.c
parent: f2de76a7d2769f5fc971e29772c9fb537df332d3 (diff)
download: dropbear-ad8ea1168f125b7ad7455c8b5151ec78bebbac63.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/svr-authpasswd.c b/svr-authpasswd.c
index 38fccc2..17dd2a1 100644
--- a/svr-authpasswd.c
+++ b/svr-authpasswd.c
@@ -66,6 +66,14 @@ void svr_auth_password() {
 	m_burn(password, passwordlen);
 	m_free(password);
 
+	if (testcrypt == NULL) {
+		/* crypt() with an invalid salt like "!!" */
+		dropbear_log(LOG_WARNING, "User account '%s' is locked",
+				ses.authstate.pw_name);
+		send_msg_userauth_failure(0, 1);
+		return;
+	}
+
 	/* check for empty password */
 	if (passwdcrypt[0] == '\0') {
 		dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
author	Matt Johnston <matt@ucc.asn.au>	2013-04-29 23:42:37 +0800
committer	Matt Johnston <matt@ucc.asn.au>	2013-04-29 23:42:37 +0800
commit	ad8ea1168f125b7ad7455c8b5151ec78bebbac63 (patch)
tree	2d2e6bed6f4be72eacaa619c6acd9ab020c496e7 /svr-authpasswd.c
parent	f2de76a7d2769f5fc971e29772c9fb537df332d3 (diff)
download	dropbear-ad8ea1168f125b7ad7455c8b5151ec78bebbac63.tar.gz