[src/trunk]: src/lib/libcrypt Avoid null SEGV if libargon passed string with ...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/lib/libcrypt Avoid null SEGV if libargon passed string with ...
From: abs <abs%NetBSD.org@localhost>
Date: Sun, 29 May 2022 14:47:49 +0000

details:   https://anonhg.NetBSD.org/src/rev/d22f591643de
branches:  trunk
changeset: 366505:d22f591643de
user:      abs <abs%NetBSD.org@localhost>
date:      Sun May 29 10:58:09 2022 +0000

description:
Avoid null SEGV if libargon passed string with too few $

Seen on netbsd-9 built xscreensaver running on a current system.
Whatever triggered this should also be fixed, but in the meantime
we can improve the behaviour from "Segmentation Fault"

diffstat:

 lib/libcrypt/crypt-argon2.c |  8 ++++++--
 1 files changed, 6 insertions(+), 2 deletions(-)

diffs (23 lines):

diff -r b70fea8d32be -r d22f591643de lib/libcrypt/crypt-argon2.c
--- a/lib/libcrypt/crypt-argon2.c       Sun May 29 10:51:42 2022 +0000
+++ b/lib/libcrypt/crypt-argon2.c       Sun May 29 10:58:09 2022 +0000
@@ -335,13 +335,17 @@
        }
 
        a = strsep(&inp, "$");
+       if (a == null) {
+               free(in);
+               return -1;
+       }
 
        sl = ctx->saltlen;
 
        if (from_base64(ctx->salt, &sl, a) == NULL) {
-                free(in);
+               free(in);
                return -1;
-        }
+       }
 
        ctx->saltlen = sl;

Prev by Date: [src/trunk]: src/sys/arch/amiga/conf Regen for GENERIC.in rev. 1.149.
Next by Date: [src/trunk]: src/sys/dev/pci Apply extra delay quirk for followings:
Previous by Thread: [src/trunk]: src/sys/arch/amiga/conf Regen for GENERIC.in rev. 1.149.
Next by Thread: [src/trunk]: src/sys/dev/pci Apply extra delay quirk for followings:
Indexes:

Home | Main Index | Thread Index | Old Index