2009-11-09 Vladimir Serbinenko <phcoder@gmail.com>

	* normal/auth.c (grub_auth_strcmp): Fix bug which resulted in function
	being insecure.

diff --git a/ChangeLog b/ChangeLog
index d6c3b792734ae0c6f32cf7b5702b27f45283c688..c5e9209661e36160b434b41e98ccda0418f17e5c 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2009-11-09  Vladimir Serbinenko  <phcoder@gmail.com>
+
+       * normal/auth.c (grub_auth_strcmp): Fix bug which resulted in function
+       being insecure.
+
 2009-11-08  Robert Millan  <rmh.grub@aybabtu.com>
 
        * util/i386/pc/grub-mkrescue.in: Fix miss-identification as

diff --git a/normal/auth.c b/normal/auth.c
index 9029ba1ce2b859ea5ca8b8ed715b229a8b8d1ba0..afe65315d472d1a6236b2fb3ce18a3f8d3127178 100644 (file)
--- a/normal/auth.c
+++ b/normal/auth.c
@@ -39,12 +39,19 @@ grub_auth_strcmp (const char *user_input, const char *template)
 {
   int ok = 1;
   const char *ptr1, *ptr2;
+
+  if (ptr2 == NULL)
+    ok = 0;
+
   for (ptr1 = user_input, ptr2 = template; *ptr1; ptr1++)
-    if (*ptr1 == (ptr2 ? *ptr2 : ptr1[1]) && ok && ptr2 != NULL)
+    if (*ptr1 == (ptr2 ? *ptr2 : ptr1[1]) && ok)
       ptr2++;
     else
       ok = 0;
 
+  if (ptr2 == NULL || *ptr2 != 0)
+    ok = 0;
+
   return !ok;
 }