ITS#10130 Several callers of getpassphrase() ignore NULL returns

diff --git a/clients/tools/common.c b/clients/tools/common.c
index b88f219b36207178051c916556dc90d18bd0c54c..9dfbb53e32aeb851a2d8685587d9af0daec7c841 100644 (file)
--- a/clients/tools/common.c
+++ b/clients/tools/common.c
@@ -1472,10 +1472,11 @@ tool_bind( LDAP *ld )
 
                } else {
                        char *pw = getpassphrase( _("Enter LDAP Password: ") );
-                       if ( pw ) {
-                               passwd.bv_val = ber_strdup( pw );
-                               passwd.bv_len = strlen( passwd.bv_val );
+                       if ( pw == NULL ) { /* Allow EOF to exit. */
+                               tool_exit( ld, EXIT_FAILURE );
                        }
+                       passwd.bv_val = ber_strdup( pw );
+                       passwd.bv_len = strlen( passwd.bv_val );
                }
        }
 

diff --git a/clients/tools/ldappasswd.c b/clients/tools/ldappasswd.c
index 2cf14d104e57075fae2a2551e9922aa5261fb2a4..036e5e1cb82e8053157fba2319f6da6a016994ed 100644 (file)
--- a/clients/tools/ldappasswd.c
+++ b/clients/tools/ldappasswd.c
@@ -206,7 +206,12 @@ main( int argc, char *argv[] )
        if( want_oldpw && oldpw.bv_val == NULL ) {
                /* prompt for old password */
                char *ckoldpw;
-               oldpw.bv_val = strdup(getpassphrase(_("Old password: ")));
+               ckoldpw = getpassphrase(_("Old password: "));
+               if ( ckoldpw == NULL ) { /* Allow EOF to exit. */
+                       rc = EXIT_FAILURE;
+                       goto done;
+               }
+               oldpw.bv_val = strdup( ckoldpw );
                ckoldpw = getpassphrase(_("Re-enter old password: "));
 
                if( oldpw.bv_val == NULL || ckoldpw == NULL ||
@@ -231,7 +236,12 @@ main( int argc, char *argv[] )
        if( want_newpw && newpw.bv_val == NULL ) {
                /* prompt for new password */
                char *cknewpw;
-               newpw.bv_val = strdup(getpassphrase(_("New password: ")));
+               cknewpw = getpassphrase(_("New password: "));
+               if ( cknewpw == NULL ) { /* Allow EOF to exit. */
+                       rc = EXIT_FAILURE;
+                       goto done;
+               }
+               newpw.bv_val = strdup( cknewpw );
                cknewpw = getpassphrase(_("Re-enter new password: "));
 
                if( newpw.bv_val == NULL || cknewpw == NULL ||

diff --git a/clients/tools/ldapvc.c b/clients/tools/ldapvc.c
index 4f35025ec182caaae94af34d07f9547009f9cf91..264f29316fb161b36cc77821716316e63e3668bd 100644 (file)
--- a/clients/tools/ldapvc.c
+++ b/clients/tools/ldapvc.c
@@ -309,8 +309,13 @@ main( int argc, char *argv[] )
 #endif
            && !cred.bv_val)
        {
-               cred.bv_val = strdup(getpassphrase(_("User's password: ")));
-           cred.bv_len = strlen(cred.bv_val);
+               char *userpw = getpassphrase(_("User's password: "));
+               if ( userpw == NULL ) /* Allow EOF to exit. */
+               {
+                       tool_exit( ld, EXIT_FAILURE );
+               }
+               cred.bv_val = strdup(userpw);
+               cred.bv_len = strlen(cred.bv_val);
        }
 
 #ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS_INTERACTIVE

diff --git a/servers/slapd/slappasswd.c b/servers/slapd/slappasswd.c
index 9c2adef22037203e4eb01ce8029834cb9ccf97b7..e38436461e8dab020cc12b5df5940cccd662173a 100644 (file)
--- a/servers/slapd/slappasswd.c
+++ b/servers/slapd/slappasswd.c
@@ -250,11 +250,16 @@ slappasswd( int argc, char *argv[] )
                if( newpw == NULL ) {
                        /* prompt for new password */
                        char *cknewpw;
-                       newpw = ch_strdup(getpassphrase("New password: "));
+                       newpw = getpassphrase("New password: ");
+                       if ( newpw == NULL ) { /* Allow EOF to exit. */
+                               rc = EXIT_FAILURE;
+                               goto destroy;
+                       }
+                       newpw = ch_strdup(newpw);
                        cknewpw = getpassphrase("Re-enter new password: ");
-       
-                       if( strcmp( newpw, cknewpw )) {
-                               fprintf( stderr, "Password values do not match\n" );
+                       if( cknewpw == NULL || strcmp( newpw, cknewpw )) {
+                               fprintf( stderr,
+                                   "Password values do not match\n" );
                                rc = EXIT_FAILURE;
                                goto destroy;
                        }

diff --git a/tests/progs/slapd-tester.c b/tests/progs/slapd-tester.c
index 7ad88b82f76c76da3834633132e28ec61fecb0ff..8f9656e6777955f723b0eccc0f4bfefb806c68d0 100644 (file)
--- a/tests/progs/slapd-tester.c
+++ b/tests/progs/slapd-tester.c
@@ -406,6 +406,9 @@ main( int argc, char **argv )
 
        if ( pw_ask ) {
                passwd = getpassphrase( _("Enter LDAP Password: ") );
+               if ( passwd == NULL ) { /* Allow EOF to exit. */
+                       exit( EXIT_FAILURE );
+               }
 
        } else if ( pw_file ) {
                struct berval   pw;