apr-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s.@apache.org
Subject svn commit: r1460279 - in /apr/apr-util/branches/1.5.x: ./ CHANGES crypto/apr_passwd.c
Date Sun, 24 Mar 2013 07:59:34 GMT
Author: sf
Date: Sun Mar 24 07:59:34 2013
New Revision: 1460279

URL: http://svn.apache.org/r1460279
Log:
Merge r1460243, add CHANGES entry:

    use heap memory for crypt in apr_password_validate, to reduce stack usage
    
    PR: 54572


Modified:
    apr/apr-util/branches/1.5.x/   (props changed)
    apr/apr-util/branches/1.5.x/CHANGES
    apr/apr-util/branches/1.5.x/crypto/apr_passwd.c

Propchange: apr/apr-util/branches/1.5.x/
------------------------------------------------------------------------------
  Merged /apr/apr/trunk:r1460243

Modified: apr/apr-util/branches/1.5.x/CHANGES
URL: http://svn.apache.org/viewvc/apr/apr-util/branches/1.5.x/CHANGES?rev=1460279&r1=1460278&r2=1460279&view=diff
==============================================================================
--- apr/apr-util/branches/1.5.x/CHANGES [utf-8] (original)
+++ apr/apr-util/branches/1.5.x/CHANGES [utf-8] Sun Mar 24 07:59:34 2013
@@ -1,6 +1,9 @@
                                                      -*- coding: utf-8 -*-
 Changes with APR-util 1.5.2
 
+  *) Use heap memory for crypt in apr_password_validate(), to reduce stack
+     usage. PR 54572. [Stefan Fritsch]
+
   *) Fix password validation failure for all crypt and crypt_r based
      algorithms. PR 54603.  [Harvey Eneman <harvey.eneman oracle.com>]
 

Modified: apr/apr-util/branches/1.5.x/crypto/apr_passwd.c
URL: http://svn.apache.org/viewvc/apr/apr-util/branches/1.5.x/crypto/apr_passwd.c?rev=1460279&r1=1460278&r2=1460279&view=diff
==============================================================================
--- apr/apr-util/branches/1.5.x/crypto/apr_passwd.c (original)
+++ apr/apr-util/branches/1.5.x/crypto/apr_passwd.c Sun Mar 24 07:59:34 2013
@@ -33,6 +33,9 @@
 #if APR_HAVE_PTHREAD_H
 #include <pthread.h>
 #endif
+#if APR_HAVE_STDLIB_H
+#include <stdlib.h>
+#endif
 
 static const char * const apr1_id = "$apr1$";
 
@@ -100,15 +103,24 @@ APU_DECLARE(apr_status_t) apr_password_v
 #if defined(WIN32) || defined(BEOS) || defined(NETWARE)
         return (strcmp(passwd, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
 #elif defined(CRYPT_R_CRYPTD)
-        CRYPTD buffer;
+        apr_status_t rv;
+        CRYPTD *buffer = malloc(sizeof(*buffer));
 
-        crypt_pw = crypt_r(passwd, hash, &buffer);
-        if (!crypt_pw) {
-            return APR_EMISMATCH;
-        }
-        return (strcmp(crypt_pw, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
+        if (buffer == NULL)
+            return APR_ENOMEM;
+        crypt_pw = crypt_r(passwd, hash, buffer);
+        if (!crypt_pw)
+            rv = APR_EMISMATCH;
+        else
+            rv = (strcmp(crypt_pw, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
+        free(buffer);
+        return rv;
 #elif defined(CRYPT_R_STRUCT_CRYPT_DATA)
-        struct crypt_data buffer;
+        apr_status_t rv;
+        struct crypt_data *buffer = malloc(sizeof(*buffer));
+
+        if (buffer == NULL)
+            return APR_ENOMEM;
 
 #ifdef __GLIBC_PREREQ
         /*
@@ -122,16 +134,18 @@ APU_DECLARE(apr_status_t) apr_password_v
 #endif
 
 #ifdef USE_CRYPT_DATA_INITALIZED
-        buffer.initialized = 0;
+        buffer->initialized = 0;
 #else
-        memset(&buffer, 0, sizeof(buffer));
+        memset(buffer, 0, sizeof(*buffer));
 #endif
 
-        crypt_pw = crypt_r(passwd, hash, &buffer);
-        if (!crypt_pw) {
-            return APR_EMISMATCH;
-        }
-        return (strcmp(crypt_pw, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
+        crypt_pw = crypt_r(passwd, hash, buffer);
+        if (!crypt_pw)
+            rv = APR_EMISMATCH;
+        else
+            rv = (strcmp(crypt_pw, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
+        free(buffer);
+        return rv;
 #else
         /* Do a bit of sanity checking since we know that crypt_r()
          * should always be used for threaded builds on AIX, and



Mime
View raw message