Welcome! Log In Create A New Profile

[nginx] svn commit: r4983 - trunk/src/os/unix

Forum List Message List New Topic Print View

Anonymous User

December 21, 2012 11:14AM

Author: mdounin
Date: 2012-12-21 16:13:03 +0000 (Fri, 21 Dec 2012)
New Revision: 4983
URL: http://trac.nginx.org/nginx/changeset/4983/nginx

Log:
Core: crypt_r() error handling fixed.

The crypt_r() function returns NULL on errors, check it explicitly instead
of assuming errno will remain 0 if there are no errors (per POSIX, the
setting of errno after a successful call to a function is unspecified
unless the description of that function specifies that errno shall not
be modified).

Additionally, dropped unneeded ngx_set_errno(0) and fixed error handling
of memory allocation after normal crypt(), which was inapropriate and
resulted in null pointer dereference on allocation failures.

Modified:
trunk/src/os/unix/ngx_user.c

Modified: trunk/src/os/unix/ngx_user.c
===================================================================
--- trunk/src/os/unix/ngx_user.c 2012-12-21 15:07:45 UTC (rev 4982)
+++ trunk/src/os/unix/ngx_user.c 2012-12-21 16:13:03 UTC (rev 4983)
@@ -28,30 +28,27 @@
{
char *value;
size_t len;
- ngx_err_t err;
struct crypt_data cd;

- ngx_set_errno(0);
-
cd.initialized = 0;
/* work around the glibc bug */
cd.current_salt[0] = ~salt[0];

value = crypt_r((char *) key, (char *) salt, &cd);

- err = ngx_errno;
-
- if (err == 0) {
+ if (value) {
len = ngx_strlen(value) + 1;

*encrypted = ngx_pnalloc(pool, len);
- if (*encrypted) {
- ngx_memcpy(*encrypted, value, len);
- return NGX_OK;
+ if (*encrypted == NULL) {
+ return NGX_ERROR;
}
+
+ ngx_memcpy(*encrypted, value, len);
+ return NGX_OK;
}

- ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt_r() failed");
+ ngx_log_error(NGX_LOG_CRIT, pool->log, ngx_errno, "crypt_r() failed");

return NGX_ERROR;
}
@@ -75,18 +72,20 @@

#endif

- ngx_set_errno(0);
-
value = crypt((char *) key, (char *) salt);

if (value) {
len = ngx_strlen(value) + 1;

*encrypted = ngx_pnalloc(pool, len);
- if (*encrypted) {
- ngx_memcpy(*encrypted, value, len);
+ if (*encrypted == NULL) {
+#if (NGX_THREADS && NGX_NONREENTRANT_CRYPT)
+ ngx_mutex_unlock(ngx_crypt_mutex);
+#endif
+ return NGX_ERROR;
}

+ ngx_memcpy(*encrypted, value, len);
#if (NGX_THREADS && NGX_NONREENTRANT_CRYPT)
ngx_mutex_unlock(ngx_crypt_mutex);
#endif

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
[nginx] svn commit: r4983 - trunk/src/os/unix	Anonymous User	844	December 21, 2012 11:14AM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 122

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018