[hackers] [ubase][PATCH] passwd: fix crashes when authentication is unnecessary.

From: Mario J. Rugiero <mrugiero_AT_gmail.com>
Date: Tue, 25 Sep 2018 01:00:59 -0300

From: Mario Rugiero <mrugiero_AT_gmail.com>

When running with root or a password for the user is missing,
authentication is bypassed.
However, it is later attempted to compare the new password
against the missing one, causing crypt to crash due to a null
salt.
In the case of a missing password, there's no prior password
to compare to, so the only choice is to avoid the comparison.
In the case of root, reading a password (if present) is possible,
to avoid resetting to the same password. However, it seems benign
to just let it be to avoid more confusion.
Anyway, the fix consists of doing the check only if we got an
old password to begin with.
---
 passwd.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/passwd.c b/passwd.c
index 52b70a8..0b54537 100644
--- a/passwd.c
+++ b/passwd.c
_AT_@ -235,11 +235,13 @@ newpass:
 		eprintf("getpass:");
 	if (inpass[0] == '\0')
 		eprintf("no password supplied\n");
-	p = crypt(inpass, prevhash);
-	if (!p)
-		eprintf("crypt:");
-	if (cryptpass1 && strcmp(cryptpass1, p) == 0)
-		eprintf("password left unchanged\n");
+	if (cryptpass1) {
+		p = crypt(inpass, prevhash);
+		if (!p)
+			eprintf("crypt:");
+		if (strcmp(cryptpass1, p) == 0)
+			eprintf("password left unchanged\n");
+	}
 	gensalt(salt + strlen(salt));
 	p = crypt(inpass, salt);
 	if (!p)
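Review bot: The new guard "if (cryptpass1) {" tests cryptpass1, but the pointer the commit message blames for the crash is the salt argument prevhash in "p = crypt(inpass, prevhash);". Nothing in this hunk shows that a non-NULL cryptpass1 implies a non-NULL prevhash, so either test both, as in "if (cryptpass1 && prevhash) {", or add a short comment stating that the two are always set together when authentication ran. A one-line comment above the block noting that the "password left unchanged" check is deliberately skipped for root and for accounts without a prior password would also record in the code the behaviour the commit message describes.
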
-- 
2.17.1
Received on Tue Sep 25 2018 - 06:00:59 CEST
