Fijxu/nginx-quic
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Core: crypt_r() error handling fixed.

Browse source 
The crypt_r() function returns NULL on errors, check it explicitly instead
of assuming errno will remain 0 if there are no errors (per POSIX, the
setting of errno after a successful call to a function is unspecified
unless the description of that function specifies that errno shall not
be modified).

Additionally, dropped unneeded ngx_set_errno(0) and fixed error handling
of memory allocation after normal crypt(), which was inapropriate and
resulted in null pointer dereference on allocation failures.
This commit is contained in:
Maxim Dounin 2012-12-21 16:13:03 +00:00
parent b9d1936ece
commit db33ef23a6
1 changed files with 13 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
src/os/unix/ngx_user.c
View file

@ -28,30 +28,27 @@ ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted)
{ {
char *value; char *value;
size_t len; size_t len;
ngx_err_t err;
struct crypt_data cd; struct crypt_data cd;
ngx_set_errno(0);
cd.initialized = 0; cd.initialized = 0;
/* work around the glibc bug */ /* work around the glibc bug */
cd.current_salt[0] = ~salt[0]; cd.current_salt[0] = ~salt[0];
value = crypt_r((char *) key, (char *) salt, &cd); value = crypt_r((char *) key, (char *) salt, &cd);
err = ngx_errno; if (value) {
if (err == 0) {
len = ngx_strlen(value) + 1; len = ngx_strlen(value) + 1;
*encrypted = ngx_pnalloc(pool, len); *encrypted = ngx_pnalloc(pool, len);
if (*encrypted) { if (*encrypted == NULL) {
return NGX_ERROR;
}
ngx_memcpy(*encrypted, value, len); ngx_memcpy(*encrypted, value, len);
return NGX_OK; return NGX_OK;
} }
}
ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt_r() failed"); ngx_log_error(NGX_LOG_CRIT, pool->log, ngx_errno, "crypt_r() failed");
return NGX_ERROR; return NGX_ERROR;
} }
@ -75,18 +72,20 @@ ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted)
#endif #endif
ngx_set_errno(0);
value = crypt((char *) key, (char *) salt); value = crypt((char *) key, (char *) salt);
if (value) { if (value) {
len = ngx_strlen(value) + 1; len = ngx_strlen(value) + 1;
*encrypted = ngx_pnalloc(pool, len); *encrypted = ngx_pnalloc(pool, len);
if (*encrypted) { if (*encrypted == NULL) {
ngx_memcpy(*encrypted, value, len); #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT)
ngx_mutex_unlock(ngx_crypt_mutex);
#endif
return NGX_ERROR;
} }
ngx_memcpy(*encrypted, value, len);
#if (NGX_THREADS && NGX_NONREENTRANT_CRYPT) #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT)
ngx_mutex_unlock(ngx_crypt_mutex); ngx_mutex_unlock(ngx_crypt_mutex);
#endif #endif