Module Name: src
Committed By: abs
Date: Sun May 29 10:58:09 UTC 2022
Modified Files:
src/lib/libcrypt: crypt-argon2.c
Log Message:
Avoid null SEGV if libargon passed string with too few $
Seen on netbsd-9 built xscreensaver running on a current system.
Whatever triggered this should also be fixed, but in the meantime
we can improve the behaviour from "Segmentation Fault"
To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 src/lib/libcrypt/crypt-argon2.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libcrypt/crypt-argon2.c
diff -u src/lib/libcrypt/crypt-argon2.c:1.17 src/lib/libcrypt/crypt-argon2.c:1.18
--- src/lib/libcrypt/crypt-argon2.c:1.17 Sun May 29 10:51:41 2022
+++ src/lib/libcrypt/crypt-argon2.c Sun May 29 10:58:09 2022
@@ -335,13 +335,17 @@ decode_option(argon2_context *ctx, argon
}
a = strsep(&inp, "$");
+ if (a == null) {
+ free(in);
+ return -1;
+ }
sl = ctx->saltlen;
if (from_base64(ctx->salt, &sl, a) == NULL) {
- free(in);
+ free(in);
return -1;
- }
+ }
ctx->saltlen = sl;
