1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
From: Debian QA Group <packages@qa.debian.org>
Date: Fri, 12 Jul 2019 01:06:22 +0000
Subject: fix-nullpointer-dereference
---
mini_httpd.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/mini_httpd.c b/mini_httpd.c
index 762ca6c..b9c5c27 100644
--- a/mini_httpd.c
+++ b/mini_httpd.c
@@ -2407,7 +2407,8 @@ auth_check( char* dirname )
/* Yes. */
(void) fclose( fp );
/* So is the password right? */
- if ( strcmp( crypt( authpass, cryp ), cryp ) == 0 )
+ char *cryptpass = crypt( authpass, cryp );
+ if ((cryptpass != NULL) && (strcmp(cryptpass, cryp ) == 0) )
{
/* Ok! */
remoteuser = line;
|
