svn commit: r231986 - head/secure/lib/libcrypt

[Kevin Lo]

Author: kevlo
Date: Wed Feb 22 01:23:14 2012
New Revision: 231986
URL: http://svn.freebsd.org/changeset/base/231986

Log:
  Return NULL on error rather than ":", per the crypt(3) man page.
  Discussed in: http://www.openwall.com/lists/oss-security/2011/11/15/3

Modified:
  head/secure/lib/libcrypt/crypt-blowfish.c

Modified: head/secure/lib/libcrypt/crypt-blowfish.c
==============================================================================
--- head/secure/lib/libcrypt/crypt-blowfish.c	Wed Feb 22 01:08:59 2012	(r231985)
+++ head/secure/lib/libcrypt/crypt-blowfish.c	Wed Feb 22 01:23:14 2012	(r231986)
@@ -72,7 +72,6 @@ static void encode_base64(u_int8_t *, u_
 static void decode_base64(u_int8_t *, u_int16_t, const u_int8_t *);
 
 static char    encrypted[_PASSWORD_LEN];
-static char    error[] = ":";
 
 static const u_int8_t Base64Code[] =
 "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
@@ -160,8 +159,8 @@ crypt_blowfish(const char *key, const ch
 		salt++;
 
 		if (*salt > BCRYPT_VERSION) {
-			/* How do I handle errors ? Return ':' */
-			return error;
+			/* How do I handle errors ? Return NULL */
+			return NULL;
 		}
 
 		/* Check for minor versions */
@@ -173,7 +172,7 @@ crypt_blowfish(const char *key, const ch
 				 salt++;
 				 break;
 			 default:
-				 return error;
+				 return NULL;
 			 }
 		} else
 			 minr = 0;
@@ -183,13 +182,13 @@ crypt_blowfish(const char *key, const ch
 
 		if (salt[2] != '$')
 			/* Out of sync with passwd entry */
-			return error;
+			return NULL;
 
 		/* Computer power doesnt increase linear, 2^x should be fine */
 		logr = (u_int8_t)atoi(salt);
 		rounds = 1 << logr;
 		if (rounds < BCRYPT_MINROUNDS)
-			return error;
+			return NULL;
 
 		/* Discard num rounds + "$" identifier */
 		salt += 3;