From f14cc9dd9272fae2e30ead3e95e3a6a9f383896b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Henrik=20Grubbstr=C3=B6m=20=28Grubba=29?=
 <grubba@grubba.org>
Date: Fri, 14 Aug 2020 11:26:48 +0200
Subject: [PATCH] EFUNs: Do not throw errors on validation failure in crypt().

The glibc crypt() implementation in RHEL 8 apparently sometimes
performs misguided "validation" of the salt even for "$6$" and
fails with EINVAL instead of actually validating the password.

Throwing an error on validation failure is not what existing
code expects, so just return a failure instead in this case.

Fixes #10050.

See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714219
---
 src/builtin_functions.c | 35 ++++++++++++++++++-----------------
 1 file changed, 18 insertions(+), 17 deletions(-)

diff --git a/src/builtin_functions.c b/src/builtin_functions.c
index 3bd150cf0f..ab11ff30b9 100644
--- a/src/builtin_functions.c
+++ b/src/builtin_functions.c
@@ -3280,30 +3280,31 @@ PMOD_EXPORT void f_crypt(INT32 args)
 #error No crypt function found and fallback failed.
 #endif
 #endif
-  if (!ret) {
-    switch(errno) {
+  if(args < 2)
+  {
+    if (!ret) {
+      switch(errno) {
 #ifdef ELIBACC
-    case ELIBACC:
-      Pike_error("Failed to load a required shared library. "
-		 "Unsupported salt.\n");
-      break;
+      case ELIBACC:
+	Pike_error("Failed to load a required shared library. "
+		   "Unsupported salt.\n");
+	break;
 #endif
-    case ENOMEM:
-      Pike_error("Out of memory.\n");
-      break;
-    case EINVAL:
-    default:
-      Pike_error("Unsupported salt (%d).\n", errno);
-      break;
+      case ENOMEM:
+	Pike_error("Out of memory.\n");
+	break;
+      case EINVAL:
+      default:
+	Pike_error("Unsupported salt (%d).\n", errno);
+	break;
+      }
     }
-  }
-  if(args < 2)
-  {
+
     pop_n_elems(args);
     push_text(ret);
   }else{
     int i;
-    i=!strcmp(ret,saltp);
+    i = ret && !strcmp(ret,saltp);
     pop_n_elems(args);
     push_int(i);
   }
-- 
GitLab