diff options
author | Jo-Philipp Wich <jo@mein.io> | 2019-05-22 14:25:52 +0200 |
---|---|---|
committer | Jo-Philipp Wich <jo@mein.io> | 2019-05-22 14:25:52 +0200 |
commit | 569284a119f958154fe076f5bc06b031d59a71cc (patch) | |
tree | c4d8820ff5600ce8db782435deefac6d71c32b4b /session.c | |
parent | d610800a0f483a0f4af58f08bc4ac84c4ba3e07e (diff) | |
download | rpcd-569284a119f958154fe076f5bc06b031d59a71cc.tar.gz |
session: handle NULL return values of crypt()
The crypt() function may return NULL with errno ENOSYS when an attempt
was made to crypt the plaintext password using a salt requesting an
unsupported cipher.
Avoid triggering segmentation faults in the subsequent strcmp() operation
by checking for a non-NULL hash value.
Fixes: FS#2291
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'session.c')
-rw-r--r-- | session.c | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -822,7 +822,7 @@ rpc_login_test_password(const char *hash, const char *password) crypt_hash = crypt(password, hash); - return !strcmp(crypt_hash, hash); + return (crypt_hash && !strcmp(crypt_hash, hash)); } static struct uci_section * |