From b1521c97e73b10469f7b34c0571d51c647eca83c Mon Sep 17 00:00:00 2001 From: Lorry Tar Creator Date: Thu, 19 Sep 2013 09:33:00 +0000 Subject: Imported from /home/lorry/working-area/delta_linux-pam/Linux-PAM-1.1.8.tar.bz2. --- modules/pam_unix/bigcrypt.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'modules/pam_unix/bigcrypt.c') diff --git a/modules/pam_unix/bigcrypt.c b/modules/pam_unix/bigcrypt.c index 9922d17..e1d57a0 100644 --- a/modules/pam_unix/bigcrypt.c +++ b/modules/pam_unix/bigcrypt.c @@ -1,20 +1,20 @@ /* * This function implements the "bigcrypt" algorithm specifically for * Linux-PAM. - * + * * This algorithm is algorithm 0 (default) shipped with the C2 secure * implementation of Digital UNIX. - * + * * Disclaimer: This work is not based on the source code to Digital * UNIX, nor am I connected to Digital Equipment Corp, in any way * other than as a customer. This code is based on published * interfaces and reasonable guesswork. - * + * * Description: The cleartext is divided into blocks of SEGMENT_SIZE=8 * characters or less. Each block is encrypted using the standard UNIX * libc crypt function. The result of the encryption for one block * provides the salt for the suceeding block. - * + * * Restrictions: The buffer used to hold the encrypted result is * statically allocated. (see MAX_PASS_LEN below). This is necessary, * as the returned pointer points to "static data that are overwritten @@ -109,6 +109,10 @@ char *bigcrypt(const char *key, const char *salt) #else tmp_ptr = crypt(plaintext_ptr, salt); /* libc crypt() */ #endif + if (tmp_ptr == NULL) { + free(dec_c2_cryptbuf); + return NULL; + } /* and place in the static area */ strncpy(cipher_ptr, tmp_ptr, 13); cipher_ptr += ESEGMENT_SIZE + SALT_SIZE; @@ -130,6 +134,11 @@ char *bigcrypt(const char *key, const char *salt) #else tmp_ptr = crypt(plaintext_ptr, salt_ptr); #endif + if (tmp_ptr == NULL) { + _pam_overwrite(dec_c2_cryptbuf); + free(dec_c2_cryptbuf); + return NULL; + } /* skip the salt for seg!=0 */ strncpy(cipher_ptr, (tmp_ptr + SALT_SIZE), ESEGMENT_SIZE); -- cgit v1.2.1