X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=apps%2Fpasswd.c;h=e991fefaa5e0ad2cf49a47ab2c45f7991500a3bb;hb=a91dedca48ec58e6baab75839753121fb725c9e1;hp=6b8aafa1571128ca643af4138368d923f22efd3b;hpb=73c55919443640e0856d4e80be9b7123fc270b02;p=oweals%2Fopenssl.git

diff --git a/apps/passwd.c b/apps/passwd.c
index 6b8aafa157..e991fefaa5 100644
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -20,7 +20,7 @@
 # include <openssl/des.h>
 #endif
 #ifndef NO_APR1
-# include <openssl/des.h>
+# include <openssl/md5.h>
 #endif
 
 
@@ -54,6 +54,8 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
  * -reverse      - switch table columns
  */
 
+int MAIN(int, char **);
+
 int MAIN(int argc, char **argv)
 	{
 	int ret = 1;
@@ -61,6 +63,7 @@ int MAIN(int argc, char **argv)
 	int in_stdin = 0;
 	char *salt = NULL, *passwd = NULL, **passwds = NULL;
 	char *salt_malloc = NULL, *passwd_malloc = NULL;
+	size_t passwd_malloc_size = 0;
 	int pw_source_defined = 0;
 	BIO *in = NULL, *out = NULL;
 	int i, badopt, opt_done;
@@ -194,7 +197,10 @@ int MAIN(int argc, char **argv)
 	if (passwds == NULL)
 		{
 		/* no passwords on the command line */
-		passwd = passwd_malloc = Malloc(pw_maxlen + 1);
+
+		passwd_malloc_size = pw_maxlen + 2;
+		/* longer than necessary so that we can warn about truncation */
+		passwd = passwd_malloc = OPENSSL_malloc(passwd_malloc_size);
 		if (passwd_malloc == NULL)
 			goto err;
 		}
@@ -206,7 +212,7 @@ int MAIN(int argc, char **argv)
 		
 		passwds = passwds_static;
 		if (in == NULL)
-			if (EVP_read_pw_string(passwd_malloc, pw_maxlen + 1, "Password: ", 0) != 0)
+			if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", 0) != 0)
 				goto err;
 		passwds[0] = passwd_malloc;
 		}
@@ -260,9 +266,9 @@ int MAIN(int argc, char **argv)
 err:
 	ERR_print_errors(bio_err);
 	if (salt_malloc)
-		Free(salt_malloc);
+		OPENSSL_free(salt_malloc);
 	if (passwd_malloc)
-		Free(passwd_malloc);
+		OPENSSL_free(passwd_malloc);
 	if (in)
 		BIO_free(in);
 	if (out)
@@ -323,13 +329,13 @@ static char *apr1_crypt(const char *passwd, const char *salt)
 		MD5_CTX md2;
 
 		MD5_Init(&md2);
-		MD5_Update(&md2, (i & 1) ?     passwd : buf,
+		MD5_Update(&md2, (i & 1) ? (unsigned char *) passwd : buf,
 		                 (i & 1) ? passwd_len : sizeof buf);
 		if (i % 3)
 			MD5_Update(&md2, salt_out, salt_len);
 		if (i % 7)
 			MD5_Update(&md2, passwd, passwd_len);
-		MD5_Update(&md2, (i & 1) ?        buf : passwd,
+		MD5_Update(&md2, (i & 1) ? buf : (unsigned char *) passwd,
 		                 (i & 1) ? sizeof buf : passwd_len);
 		MD5_Final(buf, &md2);
 		}
@@ -393,7 +399,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
 			{
 			if (*salt_malloc_p == NULL)
 				{
-				*salt_p = *salt_malloc_p = Malloc(3);
+				*salt_p = *salt_malloc_p = OPENSSL_malloc(3);
 				if (*salt_malloc_p == NULL)
 					goto err;
 				}
@@ -416,7 +422,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
 			
 			if (*salt_malloc_p == NULL)
 				{
-				*salt_p = *salt_malloc_p = Malloc(9);
+				*salt_p = *salt_malloc_p = OPENSSL_malloc(9);
 				if (*salt_malloc_p == NULL)
 					goto err;
 				}