summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>2004-03-10 21:23:18 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>2004-03-10 21:23:18 +0000
commit56d7d8a963877ba2ee5123ab43220c21f7fc6459 (patch)
treea85c127536a13eaf2d67439c00a13b7073629b06
parenta2434ce59115a27a0a870eb3ceb5242af6b8eea4 (diff)
Check getpass() return value for NULL. Closes Pr 3706.
With help and OK from otto@.
-rw-r--r--usr.bin/passwd/local_passwd.c15
-rw-r--r--usr.bin/passwd/yp_passwd.c15
2 files changed, 17 insertions, 13 deletions
diff --git a/usr.bin/passwd/local_passwd.c b/usr.bin/passwd/local_passwd.c
index c236dff57df..e0b9436f82d 100644
--- a/usr.bin/passwd/local_passwd.c
+++ b/usr.bin/passwd/local_passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: local_passwd.c,v 1.30 2003/06/20 16:53:27 deraadt Exp $ */
+/* $OpenBSD: local_passwd.c,v 1.31 2004/03/10 21:23:17 millert Exp $ */
/*-
* Copyright (c) 1990 The Regents of the University of California.
@@ -31,7 +31,7 @@
#ifndef lint
/*static const char sccsid[] = "from: @(#)local_passwd.c 5.5 (Berkeley) 5/6/91";*/
-static const char rcsid[] = "$OpenBSD: local_passwd.c,v 1.30 2003/06/20 16:53:27 deraadt Exp $";
+static const char rcsid[] = "$OpenBSD: local_passwd.c,v 1.31 2004/03/10 21:23:17 millert Exp $";
#endif /* not lint */
#include <sys/types.h>
@@ -155,10 +155,10 @@ getnewpasswd(struct passwd *pw, login_cap_t *lc, int authenticated)
(void)printf("Changing local password for %s.\n", pw->pw_name);
if (uid != 0 && pw->pw_passwd[0] != '\0') {
p = getpass("Old password:");
- if (*p == '\0') {
+ if (p == NULL || *p == '\0') {
(void)printf(UNCHANGED_MSG);
pw_abort();
- exit(0);
+ exit(p == NULL ? 1 : 0);
}
if (strcmp(crypt(p, pw->pw_passwd), pw->pw_passwd)) {
errno = EACCES;
@@ -171,10 +171,10 @@ getnewpasswd(struct passwd *pw, login_cap_t *lc, int authenticated)
for (buf[0] = '\0', tries = 0;;) {
p = getpass("New password:");
- if (*p == '\0') {
+ if (p == NULL || *p == '\0') {
(void)printf(UNCHANGED_MSG);
pw_abort();
- exit(0);
+ exit(p == NULL ? 1 : 0);
}
if (strcmp(p, "s/key") == 0) {
printf("That password collides with a system feature. Choose another.\n");
@@ -185,7 +185,8 @@ getnewpasswd(struct passwd *pw, login_cap_t *lc, int authenticated)
&& pwd_check(pw, lc, p) == 0)
continue;
strlcpy(buf, p, sizeof(buf));
- if (!strcmp(buf, getpass("Retype new password:")))
+ p = getpass("Retype new password:");
+ if (p != NULL && strcmp(buf, p) == 0)
break;
(void)printf("Mismatch; try again, EOF to quit.\n");
}
diff --git a/usr.bin/passwd/yp_passwd.c b/usr.bin/passwd/yp_passwd.c
index 9bcc8ac2ecc..0d9c5a53926 100644
--- a/usr.bin/passwd/yp_passwd.c
+++ b/usr.bin/passwd/yp_passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: yp_passwd.c,v 1.25 2004/02/20 21:24:57 maja Exp $ */
+/* $OpenBSD: yp_passwd.c,v 1.26 2004/03/10 21:23:17 millert Exp $ */
/*
* Copyright (c) 1988 The Regents of the University of California.
@@ -30,7 +30,7 @@
*/
#ifndef lint
/*static const char sccsid[] = "from: @(#)yp_passwd.c 1.0 2/2/93";*/
-static const char rcsid[] = "$OpenBSD: yp_passwd.c,v 1.25 2004/02/20 21:24:57 maja Exp $";
+static const char rcsid[] = "$OpenBSD: yp_passwd.c,v 1.26 2004/03/10 21:23:17 millert Exp $";
#endif /* not lint */
#ifdef YP
@@ -203,7 +203,8 @@ ypgetnewpasswd(struct passwd *pw, login_cap_t *lc, char **old_pass)
if (pw->pw_passwd[0]) {
p = getpass("Old password:");
- if (strcmp(crypt(p, pw->pw_passwd), pw->pw_passwd)) {
+ if (p == NULL ||
+ strcmp(crypt(p, pw->pw_passwd), pw->pw_passwd)) {
errno = EACCES;
pw_error(NULL, 1, 1);
}
@@ -218,9 +219,10 @@ ypgetnewpasswd(struct passwd *pw, login_cap_t *lc, char **old_pass)
for (buf[0] = '\0', tries = 0;;) {
p = getpass("New password:");
- if (!*p) {
+ if (p == NULL || *p == '\0') {
printf("Password unchanged.\n");
- pw_error(NULL, 0, 0);
+ pw_abort();
+ exit(p == NULL ? 1 : 0);
}
if (strcmp(p, "s/key") == 0) {
printf("That password collides with a system feature. "
@@ -231,7 +233,8 @@ ypgetnewpasswd(struct passwd *pw, login_cap_t *lc, char **old_pass)
&& pwd_check(pw, lc, p) == 0)
continue;
strlcpy(buf, p, sizeof buf);
- if (!strcmp(buf, getpass("Retype new password:")))
+ p = getpass("Retype new password:");
+ if (p != NULL && strcmp(buf, p) == 0)
break;
(void)printf("Mismatch; try again, EOF to quit.\n");
}