Mercurial > hg > nginx-quic
comparison src/core/ngx_crypt.c @ 4852:9be0b6b749ae stable-1.2
Merge of r4785, r4795, r4811, r4812, r4816, r4822: coverity.
*) Resolver: fixed possible memory leak in ngx_resolver_create().
*) Explicitly ignore returned value from unlink() in ngx_open_tempfile().
*) Explicitly ignore returned value from close() in ngx_event_core_init_conf().
*) Added three missing checks for NULL after ngx_array_push() calls.
*) Crypt: fixed handling of corrupted SSHA entries in password file.
*) Mark logically dead code with corresponding comment.
Found by / prodded by Coverity.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Mon, 24 Sep 2012 18:54:28 +0000 |
parents | 29928279ec9f |
children | e4441ebe05d5 |
comparison
equal
deleted
inserted
replaced
4851:6173853dd782 | 4852:9be0b6b749ae |
---|---|
192 | 192 |
193 static ngx_int_t | 193 static ngx_int_t |
194 ngx_crypt_ssha(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) | 194 ngx_crypt_ssha(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
195 { | 195 { |
196 size_t len; | 196 size_t len; |
197 ngx_int_t rc; | |
197 ngx_str_t encoded, decoded; | 198 ngx_str_t encoded, decoded; |
198 ngx_sha1_t sha1; | 199 ngx_sha1_t sha1; |
199 | 200 |
200 /* "{SSHA}" base64(SHA1(key salt) salt) */ | 201 /* "{SSHA}" base64(SHA1(key salt) salt) */ |
201 | 202 |
202 /* decode base64 salt to find out true salt */ | 203 /* decode base64 salt to find out true salt */ |
203 | 204 |
204 encoded.data = salt + sizeof("{SSHA}") - 1; | 205 encoded.data = salt + sizeof("{SSHA}") - 1; |
205 encoded.len = ngx_strlen(encoded.data); | 206 encoded.len = ngx_strlen(encoded.data); |
206 | 207 |
207 decoded.data = ngx_pnalloc(pool, ngx_base64_decoded_length(encoded.len)); | 208 len = ngx_max(ngx_base64_decoded_length(encoded.len), 20); |
209 | |
210 decoded.data = ngx_pnalloc(pool, len); | |
208 if (decoded.data == NULL) { | 211 if (decoded.data == NULL) { |
209 return NGX_ERROR; | 212 return NGX_ERROR; |
210 } | 213 } |
211 | 214 |
212 ngx_decode_base64(&decoded, &encoded); | 215 rc = ngx_decode_base64(&decoded, &encoded); |
216 | |
217 if (rc != NGX_OK || decoded.len < 20) { | |
218 decoded.len = 20; | |
219 } | |
213 | 220 |
214 /* update SHA1 from key and salt */ | 221 /* update SHA1 from key and salt */ |
215 | 222 |
216 ngx_sha1_init(&sha1); | 223 ngx_sha1_init(&sha1); |
217 ngx_sha1_update(&sha1, key, ngx_strlen(key)); | 224 ngx_sha1_update(&sha1, key, ngx_strlen(key)); |