[dovecot-cvs] dovecot/src/auth db-passwd-file.c,1.24,1.25
cras at dovecot.org
cras at dovecot.org
Sun Apr 9 12:29:56 EEST 2006
Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv17439
Modified Files:
db-passwd-file.c
Log Message:
Don't crash if passwd-file has entries without passwords.
Index: db-passwd-file.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/db-passwd-file.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -d -r1.24 -r1.25
--- db-passwd-file.c 31 Mar 2006 15:02:37 -0000 1.24
+++ db-passwd-file.c 9 Apr 2006 09:29:54 -0000 1.25
@@ -38,9 +38,9 @@
pu = p_new(pw->pool, struct passwd_user, 1);
user = p_strdup(pw->pool, username);
- len = strlen(pass);
- if (pass[0] != '{' && pass[0] != '$' &&
- len > 4 && pass[len-1] == ']' && pass[len-4] == '[') {
+ len = pass == NULL ? 0 : strlen(pass);
+ if (len > 4 && pass[0] != '{' && pass[0] != '$' &&
+ pass[len-1] == ']' && pass[len-4] == '[') {
/* password[type] - we're being libpam-pwdfile compatible
here. it uses 13 = DES and 34 = MD5. For backwards
comaptibility with ourself, we have also 56 = Digest-MD5. */
More information about the dovecot-cvs
mailing list