summaryrefslogtreecommitdiff
path: root/source/installer/dropbear/dropbear.glibc.crypt.diff
diff options
context:
space:
mode:
Diffstat (limited to 'source/installer/dropbear/dropbear.glibc.crypt.diff')
-rw-r--r--source/installer/dropbear/dropbear.glibc.crypt.diff28
1 files changed, 28 insertions, 0 deletions
diff --git a/source/installer/dropbear/dropbear.glibc.crypt.diff b/source/installer/dropbear/dropbear.glibc.crypt.diff
new file mode 100644
index 00000000..3184210d
--- /dev/null
+++ b/source/installer/dropbear/dropbear.glibc.crypt.diff
@@ -0,0 +1,28 @@
+
+# HG changeset patch
+# User Matt Johnston <matt@ucc.asn.au>
+# Date 1367250157 -28800
+# Node ID 7bd88d546627ff31d0e2d91e6022b3e77a943efb
+# Parent ea04e3eb03e2c3d59d82e361882711de844068a4
+Avoid segfault for locked accounts (invalid salt to crypt())
+
+diff -r ea04e3eb03e2 -r 7bd88d546627 svr-authpasswd.c
+--- a/svr-authpasswd.c Thu Apr 18 23:15:17 2013 +0800
++++ b/svr-authpasswd.c Mon Apr 29 23:42:37 2013 +0800
+@@ -66,6 +66,14 @@
+ m_burn(password, passwordlen);
+ m_free(password);
+
++ if (testcrypt == NULL) {
++ /* crypt() with an invalid salt like "!!" */
++ dropbear_log(LOG_WARNING, "User account '%s' is locked",
++ ses.authstate.pw_name);
++ send_msg_userauth_failure(0, 1);
++ return;
++ }
++
+ /* check for empty password */
+ if (passwdcrypt[0] == '\0') {
+ dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
+
+