Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Handle NULL returns from glibc 2.17+ crypt().
Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL (w/ NULL return) if the salt violates specifications. Additionally, on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords passed to crypt() fail with EPERM (w/ NULL return). If using glibc's crypt(), check return value to avoid a possible NULL pointer dereference.
- Loading branch information