1 From 9dc2b215e83a63efa242f6acd3ab7af8b608e5a1 Mon Sep 17 00:00:00 2001
2 From: Jeremy Harris <jgh146exb@wizmail.org>
3 Date: Mon, 11 Jan 2016 15:50:22 +0000
4 Subject: [PATCH] Expansions: Fix crash in crypteq: On OpenBSD a bad second-arg
5 results in an error-return from crypt(). Errorcheck that return.
8 src/expand.c | 14 +++++++++++---
9 1 file changed, 11 insertions(+), 3 deletions(-)
11 diff --git a/src/expand.c b/src/expand.c
12 index f144a75..2966c22 100644
15 @@ -2791,7 +2791,7 @@ switch(cond_type)
16 #define XSTR(s) STR(s)
17 DEBUG(D_auth) debug_printf("crypteq: using %s()\n"
18 " subject=%s\n crypted=%s\n",
19 - (which == 0)? XSTR(DEFAULT_CRYPT) : (which == 1)? "crypt" : "crypt16",
20 + which == 0 ? XSTR(DEFAULT_CRYPT) : which == 1 ? "crypt" : "crypt16",
24 @@ -2800,8 +2800,16 @@ switch(cond_type)
25 salt), force failure. Otherwise we get false positives: with an empty
26 string the yield of crypt() is an empty string! */
28 - tempcond = (Ustrlen(sub[1]) < 2)? FALSE :
29 - (Ustrcmp(coded, sub[1]) == 0);
31 + tempcond = Ustrlen(sub[1]) < 2 ? FALSE : Ustrcmp(coded, sub[1]) == 0;
32 + else if (errno == EINVAL)
36 + expand_string_message = string_sprintf("crypt error: %s\n",
37 + US strerror(errno));
42 #endif /* SUPPORT_CRYPTEQ */