summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>2004-03-10 21:30:28 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>2004-03-10 21:30:28 +0000
commitff294b0a943dc81c4cf0a467e96b76d5442a1c4f (patch)
treeb92e051489c97d48a88503f132aa292be124df55
parent56d7d8a963877ba2ee5123ab43220c21f7fc6459 (diff)
More checking for a NULL return value from getpass(). otto@ OK
-rw-r--r--libexec/login_chpass/login_chpass.c8
-rw-r--r--libexec/login_lchpass/login_lchpass.c5
-rw-r--r--libexec/login_passwd/login.c5
-rw-r--r--libexec/login_passwd/login_passwd.c4
-rw-r--r--libexec/login_radius/raddauth.c11
-rw-r--r--libexec/login_skey/login_skey.c5
-rw-r--r--libexec/login_token/login_token.c8
7 files changed, 29 insertions, 17 deletions
diff --git a/libexec/login_chpass/login_chpass.c b/libexec/login_chpass/login_chpass.c
index c592638a7c6..6b22cbf582f 100644
--- a/libexec/login_chpass/login_chpass.c
+++ b/libexec/login_chpass/login_chpass.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: login_chpass.c,v 1.11 2003/08/12 13:14:08 hin Exp $ */
+/* $OpenBSD: login_chpass.c,v 1.12 2004/03/10 21:30:27 millert Exp $ */
/*-
* Copyright (c) 1995,1996 Berkeley Software Design, Inc. All rights reserved.
@@ -197,8 +197,10 @@ yp_chpass(char *username)
}
if (pw == NULL) {
char *p = getpass("Old password:");
- crypt(p, "xx");
- memset(p, 0, strlen(p));
+ if (p != NULL) {
+ crypt(p, "xx");
+ memset(p, 0, strlen(p));
+ }
warnx("YP passwd database unchanged.");
exit(1);
}
diff --git a/libexec/login_lchpass/login_lchpass.c b/libexec/login_lchpass/login_lchpass.c
index f2a9f596df4..9faa14a915c 100644
--- a/libexec/login_lchpass/login_lchpass.c
+++ b/libexec/login_lchpass/login_lchpass.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: login_lchpass.c,v 1.11 2002/10/15 20:56:02 millert Exp $ */
+/* $OpenBSD: login_lchpass.c,v 1.12 2004/03/10 21:30:27 millert Exp $ */
/*-
* Copyright (c) 1995,1996 Berkeley Software Design, Inc. All rights reserved.
@@ -125,7 +125,8 @@ main(int argc, char *argv[])
(void)setpriority(PRIO_PROCESS, 0, -4);
(void)printf("Changing local password for %s.\n", username);
- p = getpass("Old Password:");
+ if ((p = getpass("Old Password:")) == NULL)
+ exit(1);
salt = crypt(p, salt);
memset(p, 0, strlen(p));
diff --git a/libexec/login_passwd/login.c b/libexec/login_passwd/login.c
index 3ce5acde35d..e4bfb20bce9 100644
--- a/libexec/login_passwd/login.c
+++ b/libexec/login_passwd/login.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: login.c,v 1.6 2003/03/17 02:20:17 deraadt Exp $ */
+/* $OpenBSD: login.c,v 1.7 2004/03/10 21:30:27 millert Exp $ */
/*-
* Copyright (c) 1995 Berkeley Software Design, Inc. All rights reserved.
@@ -159,7 +159,8 @@ main(int argc, char **argv)
ret = pwd_login(username, password, wheel, lastchance, class);
#endif
- memset(password, 0, strlen(password));
+ if (password != NULL)
+ memset(password, 0, strlen(password));
if (ret != AUTH_OK)
fprintf(back, BI_REJECT "\n");
diff --git a/libexec/login_passwd/login_passwd.c b/libexec/login_passwd/login_passwd.c
index 62b29a547d0..a2c2601714f 100644
--- a/libexec/login_passwd/login_passwd.c
+++ b/libexec/login_passwd/login_passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: login_passwd.c,v 1.7 2003/07/29 18:39:23 deraadt Exp $ */
+/* $OpenBSD: login_passwd.c,v 1.8 2004/03/10 21:30:27 millert Exp $ */
/*-
* Copyright (c) 2001 Hans Insulander <hin@openbsd.org>.
@@ -42,6 +42,8 @@ pwd_login(char *username, char *password, char *wheel, int lastchance,
fprintf(back, BI_REJECT "\n");
return (AUTH_FAILED);
}
+ if (password == NULL)
+ return (AUTH_FAILED);
pwd = getpwnam(username);
if (pwd)
diff --git a/libexec/login_radius/raddauth.c b/libexec/login_radius/raddauth.c
index 450481a1844..44278b946f4 100644
--- a/libexec/login_radius/raddauth.c
+++ b/libexec/login_radius/raddauth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: raddauth.c,v 1.15 2004/03/03 22:05:15 jcs Exp $ */
+/* $OpenBSD: raddauth.c,v 1.16 2004/03/10 21:30:27 millert Exp $ */
/*-
* Copyright (c) 1996, 1997 Berkeley Software Design, Inc. All rights reserved.
@@ -187,9 +187,9 @@ raddauth(char *username, char *class, char *style, char *challenge,
}
if (passwd == NULL)
passwd = getpass("Password:");
- } else if (password != NULL)
- passwd = password;
- else
+ } else
+ passwd = password;
+ if (password == NULL)
passwd = "";
if ((v = login_getcapstr(lc, "radius-server", NULL, NULL)) == NULL){
@@ -308,7 +308,8 @@ retry:
return (0);
}
req_id++;
- passwd = getpass("");
+ if ((passwd = getpass("")) == NULL)
+ passwd = "";
break;
default:
diff --git a/libexec/login_skey/login_skey.c b/libexec/login_skey/login_skey.c
index b71b1359e5c..fe7f33cea75 100644
--- a/libexec/login_skey/login_skey.c
+++ b/libexec/login_skey/login_skey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: login_skey.c,v 1.11 2002/09/06 18:45:07 deraadt Exp $ */
+/* $OpenBSD: login_skey.c,v 1.12 2004/03/10 21:30:27 millert Exp $ */
/*-
* Copyright (c) 1995 Berkeley Software Design, Inc. All rights reserved.
@@ -182,7 +182,8 @@ main(int argc, char *argv[])
if (haskey)
alarm(120);
resumed = 0;
- readpassphrase(skeyprompt, passbuf, sizeof(passbuf), 0);
+ if (!readpassphrase(skeyprompt, passbuf, sizeof(passbuf), 0))
+ exit(1);
if (passbuf[0] == '\0')
readpassphrase("S/Key Password [echo on]: ",
passbuf, sizeof(passbuf), RPP_ECHO_ON);
diff --git a/libexec/login_token/login_token.c b/libexec/login_token/login_token.c
index 29e091e2f19..668a3b0fc02 100644
--- a/libexec/login_token/login_token.c
+++ b/libexec/login_token/login_token.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: login_token.c,v 1.7 2002/09/06 18:19:14 deraadt Exp $ */
+/* $OpenBSD: login_token.c,v 1.8 2004/03/10 21:30:27 millert Exp $ */
/*-
* Copyright (c) 1995, 1996 Berkeley Software Design, Inc. All rights reserved.
@@ -156,12 +156,16 @@ main(int argc, char *argv[])
}
pp = readpassphrase(challenge, response, sizeof(response), 0);
- if (!pp || *pp == '\0') {
+ if (pp == NULL)
+ exit(1);
+ if (*pp == '\0') {
char buf[64];
snprintf(buf, sizeof(buf), "%s Response [echo on]: ",
tt->proper);
pp = readpassphrase(buf, response, sizeof(response),
RPP_ECHO_ON);
+ if (pp == NULL)
+ exit(1);
}
}