----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: http://git.reviewboard.kde.org/r/111261/#review35275 -----------------------------------------------------------
Ship it! Ship It! - Oswald Buddenhagen On June 28, 2013, 7:12 a.m., mancha mancha wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > http://git.reviewboard.kde.org/r/111261/ > ----------------------------------------------------------- > > (Updated June 28, 2013, 7:12 a.m.) > > > Review request for kde-workspace. > > > Description > ------- > > Background: > Beginning with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL (w/ NULL > return) if the salt violates specifications. Additionally, on FIPS-140 > enabled Linux systems, DES or MD5 encrypted passwords passed to crypt() fail > with EPERM (w/ NULL return). > > Description: > If KDM uses raw crypt() authentication (or pw_encrypt() on a patched Shadow > system; see: > https://alioth.debian.org/tracker/index.php?func=detail&aid=314234 ), instead > of higher-level authentication such as PAM, and that crypt() can return a > NULL pointer (as glibc 2.17+ does when passed a DES/MD5 encrypted passwords > on Linux systems in FIPS-140 mode), then attempting to login to such an > account via KDM crashes the daemon. > > ----- > kdm[1879]: segfault at 0 ip b74a1909 sp bfd209d4 error 4 in > libc-2.17.so[b7421000+186000] > kdm[1841]: Unknown session exit code 0 (sig 11) from manager process > ----- > > Likewise, KCheckPass, when called in a similar scenario as KDM above, or when > attempting to pass invalid input to crypt()/pw_encrypt() such as a "locked" > account that has a "!" prepended in the password field, will crash. > > ----- > kcheckpass[1927]: segfault at 0 ip b762b910 sp bffb0494 error 4 in > libc-2.17.so[b75ab000+186000] > ----- > > Note: an earlier (and buggy) patch was emailed directly to ML (not via RR). > Please disregard that submission entirely. > > > Diffs > ----- > > kcheckpass/checkpass_etcpasswd.c 1dbe06f > kcheckpass/checkpass_osfc2passwd.c 9a074f9 > kcheckpass/checkpass_shadow.c ec3a4e0 > kdm/backend/client.c bdff6da > > Diff: http://git.reviewboard.kde.org/r/111261/diff/ > > > Testing > ------- > > Tests conducted on KDE-Workspace 4.10.4 confirm attached patch corrects the > issues described above. Before applying the patch, KDM and KCheckPass > segfault as shown in log snippets above. After applying the patch, both > properly handle NULL returns from crypt() and pw_encrypt(). > > > Thanks, > > mancha mancha > >
