diff -up yp-tools-2.12/src/yppasswd.c.crypt yp-tools-2.12/src/yppasswd.c
--- yp-tools-2.12/src/yppasswd.c.crypt 2012-04-23 13:01:35.599721168 +0200
+++ yp-tools-2.12/src/yppasswd.c 2012-04-23 13:16:18.251261293 +0200
@@ -448,13 +448,19 @@ verifypassword (struct passwd *pwd, char
}
passwdlen = get_passwd_len (pwd->pw_passwd);
- if (pwd->pw_passwd[0]
+ if (pwd->pw_passwd[0]
&& 0 != strcmp (pwd->pw_passwd, "x") /* don't check shadow passwords */
- && !strncmp (pwd->pw_passwd, crypt (pwdstr, pwd->pw_passwd), passwdlen)
&& uid)
{
- fputs (_("You cannot reuse the old password.\n"), stderr);
- return 0;
+ char *crypted = crypt(pwdstr, pwd->pw_passwd);
+ if(crypted == NULL) {
+ fputs (_("crypt() call failed.\n"), stderr);
+ return 0;
+ }
+ if(!strncmp (pwd->pw_passwd, crypted, passwdlen)) {
+ fputs (_("You cannot reuse the old password.\n"), stderr);
+ return 0;
+ }
}
r = 0;
@@ -772,9 +778,16 @@ main (int argc, char **argv)
{
int passwdlen = get_passwd_len (pwd->pw_passwd);
char *sane_passwd = alloca (passwdlen + 1);
+ char *crypted;
strncpy (sane_passwd, pwd->pw_passwd, passwdlen);
sane_passwd[passwdlen] = 0;
- if (strcmp (crypt (s, sane_passwd), sane_passwd))
+ crypted = crypt (s, sane_passwd);
+ if(crypted == NULL)
+ {
+ fprintf (stderr, _("Sorry - crypt() failed.\n"));
+ return 1;
+ }
+ if (strcmp (crypted, sane_passwd))
{
fprintf (stderr, _("Sorry.\n"));
return 1;
@@ -789,6 +802,7 @@ main (int argc, char **argv)
char *error_msg;
#endif /* USE_CRACKLIB */
char *buf, salt[37], *p = NULL;
+ char *crypted;
int tries = 0;
buf = (char *) malloc (129);
@@ -869,7 +883,13 @@ main (int argc, char **argv)
break;
}
- yppwd.newpw.pw_passwd = strdup (crypt (buf, salt));
+ crypted = crypt (buf, salt);
+ if(crypted == NULL) {
+ fprintf (stderr, _("Sorry - crypt() failed.\n"));
+ return 1;
+ } else {
+ yppwd.newpw.pw_passwd = strdup (crypted);
+ }
}
if (f_flag)