Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/kde-base/plasma-workspace/files/plasma-workspace-4.10.4-crypt.patch
diff options
context:
space:
mode:
Diffstat (limited to 'kde-base/plasma-workspace/files/plasma-workspace-4.10.4-crypt.patch')
-rw-r--r--kde-base/plasma-workspace/files/plasma-workspace-4.10.4-crypt.patch74
1 files changed, 74 insertions, 0 deletions
diff --git a/kde-base/plasma-workspace/files/plasma-workspace-4.10.4-crypt.patch b/kde-base/plasma-workspace/files/plasma-workspace-4.10.4-crypt.patch
new file mode 100644
index 000000000000..6d36a07aae3d
--- /dev/null
+++ b/kde-base/plasma-workspace/files/plasma-workspace-4.10.4-crypt.patch
@@ -0,0 +1,74 @@
+From 45b7f137fbc0b942fd2c9b4e8d8c1f0293e64ba7 Mon Sep 17 00:00:00 2001
+From: Michael Pyne <mpyne@kde.org>
+Date: Sat, 29 Jun 2013 16:13:20 -0400
+Subject: [PATCH] kdm, kcheckpass: Check for NULL return from crypt(3) and
+ friends.
+
+Potential issue noted and fixed by Mancha <mancha1@hush.com>.
+
+Patch reviewed by myself and ossi. Backported to 4.10 by myself.
+
+REVIEW:111261
+FIXED-IN:4.10.5
+---
+ kcheckpass/checkpass_etcpasswd.c | 3 ++-
+ kcheckpass/checkpass_osfc2passwd.c | 3 ++-
+ kcheckpass/checkpass_shadow.c | 2 +-
+ kdm/backend/client.c | 7 +++++--
+ 4 files changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/kcheckpass/checkpass_etcpasswd.c b/kcheckpass/checkpass_etcpasswd.c
+index 1dbe06f..e261b7c 100644
+--- a/kcheckpass/checkpass_etcpasswd.c
++++ b/kcheckpass/checkpass_etcpasswd.c
+@@ -35,6 +35,7 @@ AuthReturn Authenticate(const char *method,
+ {
+ struct passwd *pw;
+ char *passwd;
++ char *crpt_passwd;
+
+ if (strcmp(method, "classic"))
+ return AuthError;
+@@ -49,7 +50,7 @@ AuthReturn Authenticate(const char *method,
+ if (!(passwd = conv(ConvGetHidden, 0)))
+ return AuthAbort;
+
+- if (!strcmp(pw->pw_passwd, crypt(passwd, pw->pw_passwd))) {
++ if ((crpt_passwd = crypt(passwd, pw->pw_passwd)) && !strcmp(pw->pw_passwd, crpt_passwd)) {
+ dispose(passwd);
+ return AuthOk; /* Success */
+ }
+diff --git a/kcheckpass/checkpass_osfc2passwd.c b/kcheckpass/checkpass_osfc2passwd.c
+index 9a074f9..d181233 100644
+--- a/kcheckpass/checkpass_osfc2passwd.c
++++ b/kcheckpass/checkpass_osfc2passwd.c
+@@ -38,6 +38,7 @@ AuthReturn Authenticate(const char *method,
+ const char *login, char *(*conv) (ConvRequest, const char *))
+ {
+ char *passwd;
++ char *crpt_passwd;
+ char c2passwd[256];
+
+ if (strcmp(method, "classic"))
+@@ -52,7 +53,7 @@ AuthReturn Authenticate(const char *method,
+ if (!(passwd = conv(ConvGetHidden, 0)))
+ return AuthAbort;
+
+- if (!strcmp(c2passwd, osf1c2crypt(passwd, c2passwd))) {
++ if ((crpt_passwd = osf1c2crypt(passwd, c2passwd)) && !strcmp(c2passwd, crpt_passwd)) {
+ dispose(passwd);
+ return AuthOk; /* Success */
+ }
+diff --git a/kcheckpass/checkpass_shadow.c b/kcheckpass/checkpass_shadow.c
+index ec3a4e0..c0f6913 100644
+--- a/kcheckpass/checkpass_shadow.c
++++ b/kcheckpass/checkpass_shadow.c
+@@ -69,7 +69,7 @@ AuthReturn Authenticate(const char *method,
+ crpt_passwd = crypt(typed_in_password, password);
+ #endif
+
+- if (!strcmp(password, crpt_passwd )) {
++ if (crpt_passwd && !strcmp(password, crpt_passwd )) {
+ dispose(typed_in_password);
+ return AuthOk; /* Success */
+ }