fix awk segfault
[openwrt.git] / package / busybox / patches / 310-passwd_access.patch
index 740181a..22e6abc 100644 (file)
@@ -1,42 +1,45 @@
 
        Copyright (C) 2006 OpenWrt.org
 
-diff -urN busybox.old/networking/httpd.c busybox.dev/networking/httpd.c
---- busybox.old/networking/httpd.c     2004-10-08 10:03:29.000000000 +0200
-+++ busybox.dev/networking/httpd.c     2006-02-04 01:54:19.688016250 +0100
-@@ -1467,12 +1467,24 @@
-               {
-                       char *cipher;
-                       char *pp;
-+                      char *ppnew = NULL;
-+                      struct passwd *pwd = NULL;
+Index: busybox-1.4.2/networking/httpd.c
+===================================================================
+--- busybox-1.4.2.orig/networking/httpd.c      2007-06-04 13:21:32.190083032 +0200
++++ busybox-1.4.2/networking/httpd.c   2007-06-04 13:21:34.401746808 +0200
+@@ -1402,12 +1402,26 @@
+                       if (ENABLE_FEATURE_HTTPD_AUTH_MD5) {
+                               char *cipher;
+                               char *pp;
++                              char *ppnew = NULL;
++                              struct passwd *pwd = NULL;
  
-                       if(strncmp(p, request, u-request) != 0) {
-                               /* user uncompared */
-                               continue;
-                       }
-                       pp = strchr(p, ':');
-+                      if(pp && pp[1] == '$' && pp[2] == 'p' &&
+                               if (strncmp(p, request, u-request) != 0) {
+                                       /* user uncompared */
+                                       continue;
+                               }
+                               pp = strchr(p, ':');
++                              if(pp && pp[1] == '$' && pp[2] == 'p' &&
 +                                               pp[3] == '$' && pp[4] &&
-+                                               (pwd = getpwnam(&pp[4])) != NULL) {
-+                              if(pwd->pw_passwd && pwd->pw_passwd[0] == '!')
-+                                      continue;
-+                              ppnew = malloc(5 + strlen(pwd->pw_passwd));
-+                              ppnew[0] = ':';
-+                              strcpy(ppnew + 1, pwd->pw_passwd);
-+                              pp = ppnew;
-+                      }
-                       if(pp && pp[1] == '$' && pp[2] == '1' &&
-                                                pp[3] == '$' && pp[4]) {
-                               pp++;
-@@ -1482,6 +1492,10 @@
-                               /* unauthorized */
-                               continue;
++                                       (pwd = getpwnam(&pp[4])) != NULL) {
++                                      if(pwd->pw_passwd && pwd->pw_passwd[0] == '!') {
++                                              prev = NULL;
++                                              continue;
++                                      }
++                                      ppnew = xrealloc(ppnew, 5 + strlen(pwd->pw_passwd));
++                                      ppnew[0] = ':';
++                                      strcpy(ppnew + 1, pwd->pw_passwd);
++                                      pp = ppnew;
++                              }
+                               if (pp && pp[1] == '$' && pp[2] == '1' &&
+                                               pp[3] == '$' && pp[4]) {
+                                       pp++;
+@@ -1417,6 +1431,10 @@
+                                       /* unauthorized */
+                                       continue;
+                               }
++                              if (ppnew) {
++                                      free(ppnew);
++                                      ppnew = NULL;
++                              }
                        }
-+                      if (ppnew) {
-+                              free(ppnew);
-+                              ppnew = NULL;
-+                      }
-               }
- #endif
-               if (strcmp(p, request) == 0) {
+                       if (strcmp(p, request) == 0) {
This page took 0.021649 seconds and 4 git commands to generate.