Hylafax Mailing List Archives

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Null pointer indirection bug in v4.0pl1



There's a *0 bug in hfaxd that shows up when the user logs in without
a password, and the etc/hosts file requires one.
Here's the fix:

*** SNPPServer.c++	1998/01/13 20:30:56	1.1
--- SNPPServer.c++	1998/01/13 20:31:00
***************
*** 990,996 ****
  
      if (checkUser(loginID)) {
  	if (passwd != "") {
! 	    if (pass[0] == '\0' || !streq(crypt(pass, passwd), passwd)) {
  		if (++loginAttempts >= maxLoginAttempts) {
  		    reply(421, "Login incorrect (closing connection).");
  		    logNotice("Repeated SNPP login failures for user %s from %s [%s]"
--- 990,996 ----
  
      if (checkUser(loginID)) {
  	if (passwd != "") {
! 	    if (pass == NULL || pass[0] == '\0' || !streq(crypt(pass, passwd), passwd)) {
  		if (++loginAttempts >= maxLoginAttempts) {
  		    reply(421, "Login incorrect (closing connection).");
  		    logNotice("Repeated SNPP login failures for user %s from %s [%s]"



Ken Lalonde
UUNET Canada



Home
Report any problems to webmaster@hylafax.org

HylaFAX is a trademark of Silicon Graphics Corporation.
Internet connectivity for hylafax.org is provided by:
VirtuALL Private Host Services