diff options
| author | Moritz Jodeit <moritz@cvs.openbsd.org> | 2004-12-20 15:06:00 +0000 |
|---|---|---|
| committer | Moritz Jodeit <moritz@cvs.openbsd.org> | 2004-12-20 15:06:00 +0000 |
| commit | 02a7a8cbefcf196bbeaa088c10cec82ba5e6e5e7 (patch) | |
| tree | 3912c411921276602e3f450a4b6ef04b33ce60a1 /usr.bin | |
| parent | 660a24fb3c973d96d888fec0a02ace34e916d838 (diff) | |
o some missing free()'s in error paths
o use FD_CLOEXEC instead of 1
o fix a crash when the round number of
localcipher in the default section
in login.conf was ommitted. noted by
mpech@
ok mpech@, otto@, millert@, henning@
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/passwd/local_passwd.c | 8 | ||||
| -rw-r--r-- | usr.bin/passwd/pwd_gensalt.c | 15 |
2 files changed, 16 insertions, 7 deletions
diff --git a/usr.bin/passwd/local_passwd.c b/usr.bin/passwd/local_passwd.c index 184bd6e5d2c..edad2f65b6c 100644 --- a/usr.bin/passwd/local_passwd.c +++ b/usr.bin/passwd/local_passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: local_passwd.c,v 1.35 2004/09/18 19:34:29 deraadt Exp $ */ +/* $OpenBSD: local_passwd.c,v 1.36 2004/12/20 15:05:59 moritz Exp $ */ /*- * Copyright (c) 1990 The Regents of the University of California. @@ -31,7 +31,7 @@ #ifndef lint /*static const char sccsid[] = "from: @(#)local_passwd.c 5.5 (Berkeley) 5/6/91";*/ -static const char rcsid[] = "$OpenBSD: local_passwd.c,v 1.35 2004/09/18 19:34:29 deraadt Exp $"; +static const char rcsid[] = "$OpenBSD: local_passwd.c,v 1.36 2004/12/20 15:05:59 moritz Exp $"; #endif /* not lint */ #include <sys/types.h> @@ -84,12 +84,14 @@ local_passwd(char *uname, int authenticated) } if ((lc = login_getclass(pw->pw_class)) == NULL) { warnx("unable to get login class for user %s.", uname); + free(opw); return(1); } uid = authenticated ? pw->pw_uid : getuid(); if (uid && uid != pw->pw_uid) { warnx("login/uid mismatch, username argument required."); + free(opw); return(1); } @@ -133,7 +135,7 @@ local_passwd(char *uname, int authenticated) if (i >= 4) fputc('\n', stderr); pfd = open(_PATH_MASTERPASSWD, O_RDONLY, 0); - if (pfd < 0 || fcntl(pfd, F_SETFD, 1) == -1) + if (pfd < 0 || fcntl(pfd, F_SETFD, FD_CLOEXEC) == -1) pw_error(_PATH_MASTERPASSWD, 1, 1); /* Update master.passwd file and rebuild spwd.db. */ diff --git a/usr.bin/passwd/pwd_gensalt.c b/usr.bin/passwd/pwd_gensalt.c index 9bf227e74f6..4e442e8c2fa 100644 --- a/usr.bin/passwd/pwd_gensalt.c +++ b/usr.bin/passwd/pwd_gensalt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pwd_gensalt.c,v 1.21 2004/11/02 08:03:55 otto Exp $ */ +/* $OpenBSD: pwd_gensalt.c,v 1.22 2004/12/20 15:05:59 moritz Exp $ */ /* * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de> @@ -83,8 +83,10 @@ pwd_gensalt(char *salt, int saltlen, login_cap_t *lc, char type) to64(&salt[0], arc4random(), 2); salt[2] = '\0'; } else if (!strcmp(now, "newsalt")) { - u_int32_t rounds = atol(next); + u_int32_t rounds = 7250; + if (next) + rounds = atol(next); if (saltlen < 10) { free(oldnext); return 0; @@ -109,14 +111,19 @@ pwd_gensalt(char *salt, int saltlen, login_cap_t *lc, char type) to64(&salt[7], arc4random(), 4); strlcpy(&salt[11], "$", saltlen - 11); } else if (!strcmp(now, "blowfish")) { - int rounds = atoi(next); + int rounds = 6; + if (next) + rounds = atoi(next); if (rounds < 4) rounds = 4; + if (rounds > 31) + rounds = 31; strlcpy(salt, bcrypt_gensalt(rounds), saltlen); } else { - strlcpy(salt, ":", saltlen); warnx("Unknown option %s.", now); + free(oldnext); + return 0; } free(oldnext); return 1; |