diff options
author | Todd C. Miller <millert@cvs.openbsd.org> | 2004-03-10 21:30:28 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2004-03-10 21:30:28 +0000 |
commit | ff294b0a943dc81c4cf0a467e96b76d5442a1c4f (patch) | |
tree | b92e051489c97d48a88503f132aa292be124df55 /libexec | |
parent | 56d7d8a963877ba2ee5123ab43220c21f7fc6459 (diff) |
More checking for a NULL return value from getpass(). otto@ OK
Diffstat (limited to 'libexec')
-rw-r--r-- | libexec/login_chpass/login_chpass.c | 8 | ||||
-rw-r--r-- | libexec/login_lchpass/login_lchpass.c | 5 | ||||
-rw-r--r-- | libexec/login_passwd/login.c | 5 | ||||
-rw-r--r-- | libexec/login_passwd/login_passwd.c | 4 | ||||
-rw-r--r-- | libexec/login_radius/raddauth.c | 11 | ||||
-rw-r--r-- | libexec/login_skey/login_skey.c | 5 | ||||
-rw-r--r-- | libexec/login_token/login_token.c | 8 |
7 files changed, 29 insertions, 17 deletions
diff --git a/libexec/login_chpass/login_chpass.c b/libexec/login_chpass/login_chpass.c index c592638a7c6..6b22cbf582f 100644 --- a/libexec/login_chpass/login_chpass.c +++ b/libexec/login_chpass/login_chpass.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login_chpass.c,v 1.11 2003/08/12 13:14:08 hin Exp $ */ +/* $OpenBSD: login_chpass.c,v 1.12 2004/03/10 21:30:27 millert Exp $ */ /*- * Copyright (c) 1995,1996 Berkeley Software Design, Inc. All rights reserved. @@ -197,8 +197,10 @@ yp_chpass(char *username) } if (pw == NULL) { char *p = getpass("Old password:"); - crypt(p, "xx"); - memset(p, 0, strlen(p)); + if (p != NULL) { + crypt(p, "xx"); + memset(p, 0, strlen(p)); + } warnx("YP passwd database unchanged."); exit(1); } diff --git a/libexec/login_lchpass/login_lchpass.c b/libexec/login_lchpass/login_lchpass.c index f2a9f596df4..9faa14a915c 100644 --- a/libexec/login_lchpass/login_lchpass.c +++ b/libexec/login_lchpass/login_lchpass.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login_lchpass.c,v 1.11 2002/10/15 20:56:02 millert Exp $ */ +/* $OpenBSD: login_lchpass.c,v 1.12 2004/03/10 21:30:27 millert Exp $ */ /*- * Copyright (c) 1995,1996 Berkeley Software Design, Inc. All rights reserved. @@ -125,7 +125,8 @@ main(int argc, char *argv[]) (void)setpriority(PRIO_PROCESS, 0, -4); (void)printf("Changing local password for %s.\n", username); - p = getpass("Old Password:"); + if ((p = getpass("Old Password:")) == NULL) + exit(1); salt = crypt(p, salt); memset(p, 0, strlen(p)); diff --git a/libexec/login_passwd/login.c b/libexec/login_passwd/login.c index 3ce5acde35d..e4bfb20bce9 100644 --- a/libexec/login_passwd/login.c +++ b/libexec/login_passwd/login.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login.c,v 1.6 2003/03/17 02:20:17 deraadt Exp $ */ +/* $OpenBSD: login.c,v 1.7 2004/03/10 21:30:27 millert Exp $ */ /*- * Copyright (c) 1995 Berkeley Software Design, Inc. All rights reserved. @@ -159,7 +159,8 @@ main(int argc, char **argv) ret = pwd_login(username, password, wheel, lastchance, class); #endif - memset(password, 0, strlen(password)); + if (password != NULL) + memset(password, 0, strlen(password)); if (ret != AUTH_OK) fprintf(back, BI_REJECT "\n"); diff --git a/libexec/login_passwd/login_passwd.c b/libexec/login_passwd/login_passwd.c index 62b29a547d0..a2c2601714f 100644 --- a/libexec/login_passwd/login_passwd.c +++ b/libexec/login_passwd/login_passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login_passwd.c,v 1.7 2003/07/29 18:39:23 deraadt Exp $ */ +/* $OpenBSD: login_passwd.c,v 1.8 2004/03/10 21:30:27 millert Exp $ */ /*- * Copyright (c) 2001 Hans Insulander <hin@openbsd.org>. @@ -42,6 +42,8 @@ pwd_login(char *username, char *password, char *wheel, int lastchance, fprintf(back, BI_REJECT "\n"); return (AUTH_FAILED); } + if (password == NULL) + return (AUTH_FAILED); pwd = getpwnam(username); if (pwd) diff --git a/libexec/login_radius/raddauth.c b/libexec/login_radius/raddauth.c index 450481a1844..44278b946f4 100644 --- a/libexec/login_radius/raddauth.c +++ b/libexec/login_radius/raddauth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: raddauth.c,v 1.15 2004/03/03 22:05:15 jcs Exp $ */ +/* $OpenBSD: raddauth.c,v 1.16 2004/03/10 21:30:27 millert Exp $ */ /*- * Copyright (c) 1996, 1997 Berkeley Software Design, Inc. All rights reserved. @@ -187,9 +187,9 @@ raddauth(char *username, char *class, char *style, char *challenge, } if (passwd == NULL) passwd = getpass("Password:"); - } else if (password != NULL) - passwd = password; - else + } else + passwd = password; + if (password == NULL) passwd = ""; if ((v = login_getcapstr(lc, "radius-server", NULL, NULL)) == NULL){ @@ -308,7 +308,8 @@ retry: return (0); } req_id++; - passwd = getpass(""); + if ((passwd = getpass("")) == NULL) + passwd = ""; break; default: diff --git a/libexec/login_skey/login_skey.c b/libexec/login_skey/login_skey.c index b71b1359e5c..fe7f33cea75 100644 --- a/libexec/login_skey/login_skey.c +++ b/libexec/login_skey/login_skey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login_skey.c,v 1.11 2002/09/06 18:45:07 deraadt Exp $ */ +/* $OpenBSD: login_skey.c,v 1.12 2004/03/10 21:30:27 millert Exp $ */ /*- * Copyright (c) 1995 Berkeley Software Design, Inc. All rights reserved. @@ -182,7 +182,8 @@ main(int argc, char *argv[]) if (haskey) alarm(120); resumed = 0; - readpassphrase(skeyprompt, passbuf, sizeof(passbuf), 0); + if (!readpassphrase(skeyprompt, passbuf, sizeof(passbuf), 0)) + exit(1); if (passbuf[0] == '\0') readpassphrase("S/Key Password [echo on]: ", passbuf, sizeof(passbuf), RPP_ECHO_ON); diff --git a/libexec/login_token/login_token.c b/libexec/login_token/login_token.c index 29e091e2f19..668a3b0fc02 100644 --- a/libexec/login_token/login_token.c +++ b/libexec/login_token/login_token.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login_token.c,v 1.7 2002/09/06 18:19:14 deraadt Exp $ */ +/* $OpenBSD: login_token.c,v 1.8 2004/03/10 21:30:27 millert Exp $ */ /*- * Copyright (c) 1995, 1996 Berkeley Software Design, Inc. All rights reserved. @@ -156,12 +156,16 @@ main(int argc, char *argv[]) } pp = readpassphrase(challenge, response, sizeof(response), 0); - if (!pp || *pp == '\0') { + if (pp == NULL) + exit(1); + if (*pp == '\0') { char buf[64]; snprintf(buf, sizeof(buf), "%s Response [echo on]: ", tt->proper); pp = readpassphrase(buf, response, sizeof(response), RPP_ECHO_ON); + if (pp == NULL) + exit(1); } } |