[Swan-dev] Fix bug in do_file_authentication

Paul Wouters paul at nohats.ca
Fri Apr 4 17:09:45 EEST 2014

On Fri, 4 Apr 2014, D. Hugh Redelmeier wrote:

>    Fix bug in do_file_authentication.
>    Introduced by DHR on 2014 Jan 12 via 69caecc522448a4c36d679d0f3ca48c0864b2182.

I'm still confused here, the old/new code is:

                 /* get userid */
                 userid = line;
                 p = strchr(p, ':');     /* find end */
                 if (p == NULL) {
                         /* no end: skip line */
                         libreswan_log("XAUTH: %s:%d missing password hash field", pwdfile, lineno);

                 *p++ ='\0';     /* terminate string by overwriting : */

At this last line, p was pointing to 0x01. How can strchr ever return
such an invalid memory pointer? So I also don't trust the test for p !=
NULL and running *p++ ='\0';

What did I get wrong?


More information about the Swan-dev mailing list