]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: aa4e32e)
BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an unknown...
authorCyril Bonté <cyril.bonte@free.fr>
Fri, 29 Aug 2014 18:20:01 +0000 (20:20 +0200)
committerWilly Tarreau <w@1wt.eu>
Fri, 29 Aug 2014 19:06:31 +0000 (21:06 +0200)
Grégoire Morpain reported a segfault when a secured password is used for http
authentication. It was caused by the use of an unsupported encryption algorithm
with libcrypto. In this case, crypt() returns a NULL pointer.

The fix should be backported to 1.4 and 1.5.

src/auth.c patch | blob | blame | history

diff --git a/src/auth.c b/src/auth.c
index 1069c5b76b286db782d0265bcfe0ba642ac91941..42c08083e3f0f9f4d0a72b7ef89fd5d681e22aa1 100644 (file)
--- a/src/auth.c
+++ b/src/auth.c
@@ -252,7 +252,7 @@ check_user(struct userlist *ul, const char *user, const char *pass)
        fprintf(stderr, ", crypt=%s\n", ep);
 #endif
 
-       if (!strcmp(ep, u->pass))
+       if (ep && strcmp(ep, u->pass) == 0)
                return 1;
        else
                return 0;
Mirror of https://github.com/haproxy/haproxy.git