apr-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s.@apache.org
Subject svn commit: r1460243 - /apr/apr/trunk/crypto/apr_passwd.c
Date Sat, 23 Mar 2013 22:21:13 GMT
Author: sf
Date: Sat Mar 23 22:21:13 2013
New Revision: 1460243

URL: http://svn.apache.org/r1460243
Log:
use heap memory for crypt in apr_password_validate, to reduce stack usage

PR: 54572

Modified:
    apr/apr/trunk/crypto/apr_passwd.c

Modified: apr/apr/trunk/crypto/apr_passwd.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_passwd.c?rev=1460243&r1=1460242&r2=1460243&view=diff
==============================================================================
--- apr/apr/trunk/crypto/apr_passwd.c (original)
+++ apr/apr/trunk/crypto/apr_passwd.c Sat Mar 23 22:21:13 2013
@@ -33,6 +33,9 @@
 #if APR_HAVE_PTHREAD_H
 #include <pthread.h>
 #endif
+#if APR_HAVE_STDLIB_H
+#include <stdlib.h>
+#endif
 
 static const char * const apr1_id = "$apr1$";
 
@@ -126,15 +129,24 @@ APR_DECLARE(apr_status_t) apr_password_v
 #if defined(WIN32) || defined(BEOS) || defined(NETWARE)
         return (strcmp(passwd, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
 #elif defined(CRYPT_R_CRYPTD)
-        CRYPTD buffer;
+        apr_status_t rv;
+        CRYPTD *buffer = malloc(sizeof(*buffer));
 
-        crypt_pw = crypt_r(passwd, hash, &buffer);
-        if (!crypt_pw) {
-            return APR_EMISMATCH;
-        }
-        return (strcmp(crypt_pw, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
+        if (buffer == NULL)
+            return APR_ENOMEM;
+        crypt_pw = crypt_r(passwd, hash, buffer);
+        if (!crypt_pw)
+            rv = APR_EMISMATCH;
+        else
+            rv = (strcmp(crypt_pw, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
+        free(buffer);
+        return rv;
 #elif defined(CRYPT_R_STRUCT_CRYPT_DATA)
-        struct crypt_data buffer;
+        apr_status_t rv;
+        struct crypt_data *buffer = malloc(sizeof(*buffer));
+
+        if (buffer == NULL)
+            return APR_ENOMEM;
 
 #ifdef __GLIBC_PREREQ
         /*
@@ -148,16 +160,18 @@ APR_DECLARE(apr_status_t) apr_password_v
 #endif
 
 #ifdef USE_CRYPT_DATA_INITALIZED
-        buffer.initialized = 0;
+        buffer->initialized = 0;
 #else
-        memset(&buffer, 0, sizeof(buffer));
+        memset(buffer, 0, sizeof(*buffer));
 #endif
 
-        crypt_pw = crypt_r(passwd, hash, &buffer);
-        if (!crypt_pw) {
-            return APR_EMISMATCH;
-        }
-        return (strcmp(crypt_pw, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
+        crypt_pw = crypt_r(passwd, hash, buffer);
+        if (!crypt_pw)
+            rv = APR_EMISMATCH;
+        else
+            rv = (strcmp(crypt_pw, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
+        free(buffer);
+        return rv;
 #else
         /* Do a bit of sanity checking since we know that crypt_r()
          * should always be used for threaded builds on AIX, and



Mime
View raw message