Mercurial > hg > nginx-quic
comparison src/os/unix/ngx_user.c @ 4982:6ccd3a50b40f
Core: crypt_r() error handling fixed.
The crypt_r() function returns NULL on errors, check it explicitly instead
of assuming errno will remain 0 if there are no errors (per POSIX, the
setting of errno after a successful call to a function is unspecified
unless the description of that function specifies that errno shall not
be modified).
Additionally, dropped unneeded ngx_set_errno(0) and fixed error handling
of memory allocation after normal crypt(), which was inapropriate and
resulted in null pointer dereference on allocation failures.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Fri, 21 Dec 2012 16:13:03 +0000 |
parents | 778ef9c3fd2d |
children | fd6fd02f6a4d |
comparison
equal
deleted
inserted
replaced
4981:5889bc5f7a65 | 4982:6ccd3a50b40f |
---|---|
26 ngx_int_t | 26 ngx_int_t |
27 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) | 27 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
28 { | 28 { |
29 char *value; | 29 char *value; |
30 size_t len; | 30 size_t len; |
31 ngx_err_t err; | |
32 struct crypt_data cd; | 31 struct crypt_data cd; |
33 | |
34 ngx_set_errno(0); | |
35 | 32 |
36 cd.initialized = 0; | 33 cd.initialized = 0; |
37 /* work around the glibc bug */ | 34 /* work around the glibc bug */ |
38 cd.current_salt[0] = ~salt[0]; | 35 cd.current_salt[0] = ~salt[0]; |
39 | 36 |
40 value = crypt_r((char *) key, (char *) salt, &cd); | 37 value = crypt_r((char *) key, (char *) salt, &cd); |
41 | 38 |
42 err = ngx_errno; | 39 if (value) { |
43 | |
44 if (err == 0) { | |
45 len = ngx_strlen(value) + 1; | 40 len = ngx_strlen(value) + 1; |
46 | 41 |
47 *encrypted = ngx_pnalloc(pool, len); | 42 *encrypted = ngx_pnalloc(pool, len); |
48 if (*encrypted) { | 43 if (*encrypted == NULL) { |
49 ngx_memcpy(*encrypted, value, len); | 44 return NGX_ERROR; |
50 return NGX_OK; | |
51 } | 45 } |
46 | |
47 ngx_memcpy(*encrypted, value, len); | |
48 return NGX_OK; | |
52 } | 49 } |
53 | 50 |
54 ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt_r() failed"); | 51 ngx_log_error(NGX_LOG_CRIT, pool->log, ngx_errno, "crypt_r() failed"); |
55 | 52 |
56 return NGX_ERROR; | 53 return NGX_ERROR; |
57 } | 54 } |
58 | 55 |
59 #else | 56 #else |
73 return NGX_AGAIN; | 70 return NGX_AGAIN; |
74 } | 71 } |
75 | 72 |
76 #endif | 73 #endif |
77 | 74 |
78 ngx_set_errno(0); | |
79 | |
80 value = crypt((char *) key, (char *) salt); | 75 value = crypt((char *) key, (char *) salt); |
81 | 76 |
82 if (value) { | 77 if (value) { |
83 len = ngx_strlen(value) + 1; | 78 len = ngx_strlen(value) + 1; |
84 | 79 |
85 *encrypted = ngx_pnalloc(pool, len); | 80 *encrypted = ngx_pnalloc(pool, len); |
86 if (*encrypted) { | 81 if (*encrypted == NULL) { |
87 ngx_memcpy(*encrypted, value, len); | 82 #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT) |
83 ngx_mutex_unlock(ngx_crypt_mutex); | |
84 #endif | |
85 return NGX_ERROR; | |
88 } | 86 } |
89 | 87 |
88 ngx_memcpy(*encrypted, value, len); | |
90 #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT) | 89 #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT) |
91 ngx_mutex_unlock(ngx_crypt_mutex); | 90 ngx_mutex_unlock(ngx_crypt_mutex); |
92 #endif | 91 #endif |
93 return NGX_OK; | 92 return NGX_OK; |
94 } | 93 } |