digest_file_auth: Improved error handling

Adds missing error handling when pasword file fails to open for any
reason.

Skips records with missing username in password file.Displays an error
message instead of crashing.

 Detected by Coverity Scan. Issues 740400, 740401

diff --git a/helpers/digest_auth/file/text_backend.cc b/helpers/digest_auth/file/text_backend.cc
index eb499e69aedaa220fcda1012ff10e029f1a1df05..507a1ea86ca40f5857e463d26152c989a9d3cded 100644 (file)
--- a/helpers/digest_auth/file/text_backend.cc
+++ b/helpers/digest_auth/file/text_backend.cc
@@ -56,7 +56,6 @@ my_free(void *p)
 static void
 read_passwd_file(const char *passwordFile, int isHa1Mode)
 {
-    FILE *f;
     char buf[8192];
     user_data *u;
     char *user;
@@ -73,12 +72,22 @@ read_passwd_file(const char *passwordFile, int isHa1Mode)
         fprintf(stderr, "digest_file_auth: cannot create hash table\n");
         exit(1);
     }
-    f = fopen(passwordFile, "r");
-    while (fgets(buf, 8192, f) != NULL) {
+    FILE *f = fopen(passwordFile, "r");
+    if (!f) {
+        fprintf(stderr, "digest_file_auth: cannot open password file: %s\n", xstrerror());
+        exit(1);
+    }
+    unsigned int lineCount = 0;
+    while (fgets(buf, sizeof(buf), f) != NULL) {
+        ++lineCount;
         if ((buf[0] == '#') || (buf[0] == ' ') || (buf[0] == '\t') ||
                 (buf[0] == '\n'))
             continue;
         user = strtok(buf, ":\n");
+        if (!user) {
+            fprintf(stderr, "digest_file_auth: missing user name at line %u in '%s'\n", lineCount, passwordFile);
+            continue;
+        }
         realm = strtok(NULL, ":\n");
         passwd = strtok(NULL, ":\n");
         if (!passwd) {