[apg] Add patch to handle crypt returning NULL. Fixes bug #815575
Kevin Fenzi
kevin at fedoraproject.org
Tue Apr 24 01:15:47 UTC 2012
commit a78bee9f39604c319e8e5960190bbb960a7377c7
Author: Kevin Fenzi <kevin at scrye.com>
Date: Mon Apr 23 19:15:43 2012 -0600
Add patch to handle crypt returning NULL. Fixes bug #815575
apg-2.3.0b-null-crypt.patch | 69 +++++++++++++++++++++++++++++++++++++++++++
apg.spec | 7 ++++-
2 files changed, 75 insertions(+), 1 deletions(-)
---
diff --git a/apg-2.3.0b-null-crypt.patch b/apg-2.3.0b-null-crypt.patch
new file mode 100644
index 0000000..144912b
--- /dev/null
+++ b/apg-2.3.0b-null-crypt.patch
@@ -0,0 +1,69 @@
+diff -Naur apg-2.3.0b-orig/restrict.c apg-2.3.0b/restrict.c
+--- apg-2.3.0b-orig/restrict.c 2003-08-07 11:40:39.000000000 -0400
++++ apg-2.3.0b/restrict.c 2012-04-23 15:01:38.968745907 -0400
+@@ -54,6 +54,10 @@
+ FILE *dct;
+ char *string;
+ char *tmp;
++
++ if( pass == NULL)
++ return(-1);
++
+ if( (string = (char *) calloc(1,MAX_DICT_STRING_SIZE)) == NULL)
+ return(-1);
+
+@@ -140,13 +144,17 @@
+ paranoid_bloom_check_pass (char * password, char *filter, USHORT s_len)
+ {
+ char * substring;
+- int len = strlen(password); /* string length */
++ int len = 0;
+ int c_substr_start_pos = 0; /* current start position */
+ int substr_len = 0; /* substring length (LEN-I >= substr_len >= 2) */
+ int k = 0; /* counter */
+ int c = 0; /* counter */
+ int ret = 0;
+ if (s_len < 2) s_len = 2;
++ if(password == NULL)
++ return (-1);
++
++ len = strlen(password); /* string length */
+ if (s_len > len) return (bloom_check_pass(password, filter));
+
+ #ifdef APG_DEBUG
+@@ -203,16 +211,19 @@
+ cracklib_check_pass(char *pw, char *dictpath)
+ {
+ char * msg;
+- msg = FascistCheck(pw,dictpath);
+- if (msg == NULL) return (0);
+- else
++ if( pw != NULL)
+ {
++ msg = FascistCheck(pw,dictpath);
++ if (msg == NULL) return (0);
++ else
++ {
+ #ifdef APG_DEBUG
+- fprintf(stdout,"cracklib_check_pass: password --> %s rejected (%s)\n", pw, msg);
+- fflush(stdout);
++ fprintf(stdout,"cracklib_check_pass: password --> %s rejected (%s)\n", pw, msg);
++ fflush(stdout);
+ #endif
+- return (1);
++ }
+ }
++ return (1);
+ }
+ #endif
+
+@@ -245,6 +256,9 @@
+ fflush (stdout);
+ #endif /* APG_DEBUG */
+
++if(word == NULL)
++ return(0);
++
+ if ((cond & S_SS) > 0)
+ for (i=0; i < 94; i++)
+ if ((smbl[i].type & S_SS) > 0)
diff --git a/apg.spec b/apg.spec
index 7a141d8..dbffae5 100644
--- a/apg.spec
+++ b/apg.spec
@@ -2,7 +2,7 @@ Summary: Automated Password Generator for random password generation
Name: apg
Version: 2.3.0b
-Release: 13%{?dist}
+Release: 14%{?dist}
License: BSD
Group: System Environment/Base
URL: http://www.adel.nursat.kz/%{name}/
@@ -11,6 +11,7 @@ Source0: http://www.adel.nursat.kz/%{name}/download/%{name}-%{version}.tar.gz
Source1: apg.socket
Source2: apg at .service
Patch0: apg-2.3.0b-gen_rand_pass.patch
+Patch1: apg-2.3.0b-null-crypt.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: systemd-units
@@ -27,6 +28,7 @@ required type and prints them to standard output.
%prep
%setup -q
%patch0 -p1 -b .gen_rand_pass
+%patch1 -p1
%build
# Build server
@@ -87,6 +89,9 @@ fi
%{_unitdir}/%{name}.socket
%changelog
+* Mon Apr 23 2012 Kevin Fenzi <kevin at scrye.com> 2.3.0b-14
+- Add patch to handle crypt returning NULL. Fixes bug #815575
+
* Sat Jan 28 2012 Kevin Fenzi <kevin at scrye.com> 2.3.0b-13
- Convert to use systemd instead of xinetd. Fixes bug #737168
More information about the scm-commits
mailing list