Commit 569284a1 authored by Jo-Philipp Wich's avatar Jo-Philipp Wich

session: handle NULL return values of crypt()

The crypt() function may return NULL with errno ENOSYS when an attempt
was made to crypt the plaintext password using a salt requesting an
unsupported cipher.

Avoid triggering segmentation faults in the subsequent strcmp() operation
by checking for a non-NULL hash value.

Fixes: FS#2291
Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
parent d610800a
......@@ -822,7 +822,7 @@ rpc_login_test_password(const char *hash, const char *password)
crypt_hash = crypt(password, hash);
return !strcmp(crypt_hash, hash);
return (crypt_hash && !strcmp(crypt_hash, hash));
}
static struct uci_section *
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment