Mercurial > hg > nginx
comparison src/os/unix/ngx_user.c @ 5050:f9a29f401770 stable-1.2
Merge of r4983: crypt_r() error handling fixed.
The crypt_r() function returns NULL on errors, check it explicitly instead
of assuming errno will remain 0 if there are no errors (per POSIX, the
setting of errno after a successful call to a function is unspecified
unless the description of that function specifies that errno shall not
be modified).
Additionally, dropped unneeded ngx_set_errno(0) and fixed error handling
of memory allocation after normal crypt(), which was inapropriate and
resulted in null pointer dereference on allocation failures.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Mon, 11 Feb 2013 12:37:06 +0000 |
| parents | 778ef9c3fd2d |
| children | fd6fd02f6a4d |
comparison
equal
deleted
inserted
replaced
| 5049:c43fa53c1d8f | 5050:f9a29f401770 |
|---|---|
| 26 ngx_int_t | 26 ngx_int_t |
| 27 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) | 27 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
| 28 { | 28 { |
| 29 char *value; | 29 char *value; |
| 30 size_t len; | 30 size_t len; |
| 31 ngx_err_t err; | |
| 32 struct crypt_data cd; | 31 struct crypt_data cd; |
| 33 | |
| 34 ngx_set_errno(0); | |
| 35 | 32 |
| 36 cd.initialized = 0; | 33 cd.initialized = 0; |
| 37 /* work around the glibc bug */ | 34 /* work around the glibc bug */ |
| 38 cd.current_salt[0] = ~salt[0]; | 35 cd.current_salt[0] = ~salt[0]; |
| 39 | 36 |
| 40 value = crypt_r((char *) key, (char *) salt, &cd); | 37 value = crypt_r((char *) key, (char *) salt, &cd); |
| 41 | 38 |
| 42 err = ngx_errno; | 39 if (value) { |
| 43 | |
| 44 if (err == 0) { | |
| 45 len = ngx_strlen(value) + 1; | 40 len = ngx_strlen(value) + 1; |
| 46 | 41 |
| 47 *encrypted = ngx_pnalloc(pool, len); | 42 *encrypted = ngx_pnalloc(pool, len); |
| 48 if (*encrypted) { | 43 if (*encrypted == NULL) { |
| 49 ngx_memcpy(*encrypted, value, len); | 44 return NGX_ERROR; |
| 50 return NGX_OK; | |
| 51 } | 45 } |
| 46 | |
| 47 ngx_memcpy(*encrypted, value, len); | |
| 48 return NGX_OK; | |
| 52 } | 49 } |
| 53 | 50 |
| 54 ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt_r() failed"); | 51 ngx_log_error(NGX_LOG_CRIT, pool->log, ngx_errno, "crypt_r() failed"); |
| 55 | 52 |
| 56 return NGX_ERROR; | 53 return NGX_ERROR; |
| 57 } | 54 } |
| 58 | 55 |
| 59 #else | 56 #else |
| 73 return NGX_AGAIN; | 70 return NGX_AGAIN; |
| 74 } | 71 } |
| 75 | 72 |
| 76 #endif | 73 #endif |
| 77 | 74 |
| 78 ngx_set_errno(0); | |
| 79 | |
| 80 value = crypt((char *) key, (char *) salt); | 75 value = crypt((char *) key, (char *) salt); |
| 81 | 76 |
| 82 if (value) { | 77 if (value) { |
| 83 len = ngx_strlen(value) + 1; | 78 len = ngx_strlen(value) + 1; |
| 84 | 79 |
| 85 *encrypted = ngx_pnalloc(pool, len); | 80 *encrypted = ngx_pnalloc(pool, len); |
| 86 if (*encrypted) { | 81 if (*encrypted == NULL) { |
| 87 ngx_memcpy(*encrypted, value, len); | 82 #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT) |
| 83 ngx_mutex_unlock(ngx_crypt_mutex); | |
| 84 #endif | |
| 85 return NGX_ERROR; | |
| 88 } | 86 } |
| 89 | 87 |
| 88 ngx_memcpy(*encrypted, value, len); | |
| 90 #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT) | 89 #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT) |
| 91 ngx_mutex_unlock(ngx_crypt_mutex); | 90 ngx_mutex_unlock(ngx_crypt_mutex); |
| 92 #endif | 91 #endif |
| 93 return NGX_OK; | 92 return NGX_OK; |
| 94 } | 93 } |