Subject: bin/31144: pwhash -S/-b never use optarg
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: None <m4nb@biff.mail-box.ne.jp>
List: netbsd-bugs
Date: 09/04/2005 10:00:00
>Number:         31144
>Category:       bin
>Synopsis:       pwhash -S/-b never use optarg
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Sep 04 10:00:00 +0000 2005
>Originator:     YOMURA Masanori
>Release:        NetBSD 3.99.8
>Organization:
>Environment:
NetBSD localhost 3.99.8 NetBSD 3.99.8 (CUSTOM) #5: Sun Sep  4 13:24:10 JST 2005  root@localhost:/fs/local/var/i386/obj/sys/arch/i386/compile/CUSTOM i386
>Description:
`pwhash -b/-S' takes optarg, but it is never used (see diff).
By this, "pwhash -b" causes segmentation fault.

This problem is also in netbsd-3.

>How-To-Repeat:
% pwhash -b 5 foo
Segmentation fault(core dumped)

(gdb) bt
#0  0xbdb8f1f8 in strtoul () from /usr/lib/libc.so.12
#1  0xbdbe49e1 in __gensalt_blowfish () from /usr/lib/libcrypt.so.0
#2  0xbdbe307c in pw_gensalt () from /usr/lib/libcrypt.so.0
#3  0x08048c66 in print_passwd ()
#4  0x08048fb5 in main ()
#5  0x08048986 in ___start ()

>Fix:
--- /usr/src/usr.bin/pwhash/pwhash.c	2005-06-03 00:05:33.000000000 +0900
+++ pwhash.c	2005-09-04 18:55:24.000000000 +0900
@@ -104,15 +104,15 @@
 		break;
 
 	case DO_MD5:
-		error = pw_gensalt(buf, _PASSWORD_LEN, "md5", NULL);
+		error = pw_gensalt(buf, _PASSWORD_LEN, "md5", extra);
 		break;
 
 	case DO_SHA1:
-		error = pw_gensalt(buf, _PASSWORD_LEN, "sha1", NULL);
+		error = pw_gensalt(buf, _PASSWORD_LEN, "sha1", extra);
 		break;
 
 	case DO_BLF:
-		error = pw_gensalt(buf, _PASSWORD_LEN, "blowfish", NULL);
+		error = pw_gensalt(buf, _PASSWORD_LEN, "blowfish", extra);
 		break;
 
 	case DO_DES: