passdb/pass_check.c

James Sutherland jas88 at cam.ac.uk
Fri Mar 10 11:08:51 GMT 2000


On Fri, 10 Mar 2000, Peter Samuelson wrote:

> 
> [Alex Olugbile]
> > I have found that the strcmp attempt in password_check(...) may fail
> > and cause an internal error when crypt returns NULL.
> 
> Not that I don't believe you, but when does crypt() return NULL?  My
> manpage here says it returns a pointer to static data -- so running out 
> of memory shouldn't be an issue, right?  Or does crypt() have to
> allocate memory to do the encryption part?

It could fail for other reasons, perhaps - if, for example, the first two
chars (the salt) are invalid? Equally, it may need to allocate some
temporary workspace. The UFC (Ultra-Fast Crypt) implementation uses a
rather big lookup table - it could, perhaps, be trying to initialise this
and failing?

> > I have modified my own build to check for NULL, but is there a
> > patch for this problem?
> 
> How do you handle the error?  I can't think what the Right Thing to do
> in this situation is.  Time out and try again, or just fail?

A single retry could be a good idea, but if it did fail due to invalid
arguments, or not enough memory, this won't help. The key question is, WHY
is it failing?

Alex, would you be able to run it under a debugger with a breakpoint on
crypt()? Or just try a simple test harness, to call crypt() with the same
arguments, and see what happens?

Obviously, if crypt() CAN return NULL, for whatever reason, then it must
be properly handled and checked for.


James.
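
Added example (not part of the original message and not Samba's code): a password check that treats a NULL return from the hash routine as an error instead of passing it to strcmp(). The names check_password, crypt_fn, stub_fail and stub_ok are hypothetical; the stubs and sample hash strings are constructed stand-ins for crypt() so the failure path can be exercised on any system.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Same signature as crypt(3), so the real function can be passed in. */
typedef char *(*crypt_fn)(const char *key, const char *salt);
enum pw_result { PW_MATCH = 0, PW_MISMATCH = 1, PW_ERROR = -1 };

/* Hypothetical hardened check; 'stored' is the database hash and also
 * supplies the salt. Any result other than PW_MATCH must deny the login. */
enum pw_result check_password(crypt_fn hash, const char *password,
                              const char *stored)
{
    if (hash == NULL || password == NULL || stored == NULL)
        return PW_ERROR;
    const char *computed = hash(password, stored);
    if (computed == NULL)          /* the case that would crash strcmp() */
        return PW_ERROR;
    size_t n = strlen(stored);
    if (n == 0 || strlen(computed) != n)
        return PW_MISMATCH;
    unsigned char diff = 0;        /* compare without an early exit */
    for (size_t i = 0; i < n; i++)
        diff |= (unsigned char)computed[i] ^ (unsigned char)stored[i];
    return diff == 0 ? PW_MATCH : PW_MISMATCH;
}

/* Constructed stand-ins for crypt(): one always fails, one "hashes". */
static char *stub_fail(const char *key, const char *salt)
{
    (void)key; (void)salt;
    errno = EINVAL;
    return NULL;
}
static char *stub_ok(const char *key, const char *salt)
{
    static char out[32];
    (void)salt;
    strcpy(out, strcmp(key, "secret") == 0 ? "abCONSTRUCTED01" : "abCONSTRUCTED02");
    return out;
}

int main(void)
{
    printf("NULL from hash: %d\n", check_password(stub_fail, "secret", "abCONSTRUCTED01"));
    printf("good password:  %d\n", check_password(stub_ok, "secret", "abCONSTRUCTED01"));
    printf("bad password:   %d\n", check_password(stub_ok, "wrong", "abCONSTRUCTED01"));
    return 0;
}
```

To run it against the real library, pass crypt as the first argument (on glibc, include <crypt.h> and link with -lcrypt).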


