fix crash by checking username without checking if it is NULL

This commit is contained in:
Isaac Connor 2019-03-18 12:01:51 -04:00
parent 06eb38f802
commit b794c2ca20
2 changed files with 28 additions and 30 deletions

View File

@ -248,15 +248,19 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr ) {
//Function to check Username length
bool checkUser ( const char *username) {
if ( strlen(username) > 32) {
if ( ! username )
return false;
}
if ( strlen(username) > 32 )
return false;
return true;
}
//Function to check password length
bool checkPass (const char *password) {
if ( strlen(password) > 64) {
if ( !password )
return false;
}
if ( strlen(password) > 64 )
return false;
return true;
}

View File

@ -394,7 +394,7 @@ int main(int argc, char *argv[]) {
//fprintf( stderr, "?? getopt returned character code 0%o ??\n", c );
break;
}
}
} // end getopt loop
if ( optind < argc ) {
fprintf(stderr, "Extraneous options, ");
@ -425,44 +425,38 @@ int main(int argc, char *argv[]) {
if ( config.opt_use_auth ) {
if ( strcmp(config.auth_relay, "none") == 0 ) {
if ( !checkUser(username)) {
fprintf(stderr, "Error, username greater than allowed 32 characters\n");
exit_zmu(-1);
}
if ( !username ) {
fprintf(stderr, "Error, username must be supplied\n");
exit_zmu(-1);
}
if ( username ) {
user = zmLoadUser(username);
}
} else {
if ( !(username && password) && !auth ) {
fprintf(stderr, "Error, username and password or auth string must be supplied\n");
exit_zmu(-1);
}
if ( !checkUser(username)) {
fprintf(stderr, "Error, username greater than allowed 32 characters\n");
exit_zmu(-1);
}
if ( !checkPass(password)) {
fprintf(stderr, "Error, password greater than allowed 64 characters\n");
user = zmLoadUser(username);
} else {
if ( !(username && password) && !auth ) {
fprintf(stderr, "Error, username and password or auth string must be supplied\n");
exit_zmu(-1);
}
//if ( strcmp( config.auth_relay, "hashed" ) == 0 )
{
if ( auth ) {
user = zmLoadAuthUser(auth, false);
}
if ( auth ) {
user = zmLoadAuthUser(auth, false);
}
//else if ( strcmp( config.auth_relay, "plain" ) == 0 )
{
if ( username && password ) {
user = zmLoadUser(username, password);
if ( username && password ) {
if ( !checkUser(username)) {
fprintf(stderr, "Error, username greater than allowed 32 characters\n");
exit_zmu(-1);
}
}
}
if ( !checkPass(password)) {
fprintf(stderr, "Error, password greater than allowed 64 characters\n");
exit_zmu(-1);
}
user = zmLoadUser(username, password);
} // end if username && password
} // end if relay or not
if ( !user ) {
fprintf(stderr, "Error, unable to authenticate user\n");
return exit_zmu(-1);