From b97aaf62ec7989362d563df202d5a62db68e3e0a Mon Sep 17 00:00:00 2001
From: Chip Black <bytex64@bytex64.net>
Date: Sat, 22 Mar 2014 16:37:17 -0500
Subject: [PATCH] Add more error checking in auth

---
 common/auth.c | 47 +++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 39 insertions(+), 8 deletions(-)

diff --git a/common/auth.c b/common/auth.c
index a4a40cd..9053a26 100644
--- a/common/auth.c
+++ b/common/auth.c
@@ -69,7 +69,7 @@ int auth_get_password_version(const char *username) {
 	char filename[FILENAME_MAX];
 	int fd;
 	char str[4];
-	int len;
+	int len = 0;
 
 	snprintf(filename, FILENAME_MAX, "%s/%s/password_version", blergconf.data_path, username);
 	if (access(filename, F_OK) != 0) {
@@ -77,9 +77,18 @@ int auth_get_password_version(const char *username) {
 	}
 
 	fd = open(filename, O_RDONLY);
+	if (fd == -1)
+		return -1;
 	len = read(fd, str, 4);
 	close(fd);
+
+	if (len < -1) {
+		perror("auth_get_password_version");
+		return -1;
+	}
+
 	str[len] = 0;
+
 	/* strtol returns zero if there isn't a number */
 	return strtol(str, NULL, 10);
 }
@@ -87,25 +96,38 @@ int auth_get_password_version(const char *username) {
 int auth_get_password(const char *username, char *password) {
 	char filename[FILENAME_MAX];
 	int fd;
+	int read_size;
 	int len = 0;
 
 	if (!valid_name(username))
 		return 0;
 
-	snprintf(filename, FILENAME_MAX, "%s/%s/password", blergconf.data_path, username);
-	fd = open(filename, O_RDONLY);
-	if (fd == -1)
-		return 0;
 	switch(auth_get_password_version(username)) {
 	case 0:
-		len = read(fd, password, MD5_DIGEST_SIZE);
+		read_size = MD5_DIGEST_SIZE;
 		break;
 	case 1:
-		len = read(fd, password, SCRYPT_OUTPUT_SIZE);
+		read_size = SCRYPT_OUTPUT_SIZE;
 		break;
+	default:
+		return 0;
 	}
+
+	snprintf(filename, FILENAME_MAX, "%s/%s/password", blergconf.data_path, username);
+	fd = open(filename, O_RDONLY);
+	if (fd == -1)
+		return 0;
+	len = read(fd, password, read_size);
 	close(fd);
 
+	if (len < 0) {
+		perror("auth_get_password");
+		return 0;
+	} else if (len < read_size) {
+		fprintf(stderr, "Short read getting password\n");
+		return 0;
+	}
+
 	password[len] = 0;
 
 	return 1;
@@ -113,7 +135,8 @@ int auth_get_password(const char *username, char *password) {
 
 int auth_get_salt(const char *username, uint8_t *salt) {
 	char filename[FILENAME_MAX];
-	int fd, len;
+	int fd;
+	int len = 0;
 
 	if (!valid_name(username))
 		return 0;
@@ -125,6 +148,14 @@ int auth_get_salt(const char *username, uint8_t *salt) {
 	len = read(fd, salt, SCRYPT_SALT_SIZE);
 	close(fd);
 
+	if (len < 0) {
+		perror("auth_get_salt");
+		return 0;
+	} else if (len < SCRYPT_SALT_SIZE) {
+		fprintf(stderr, "Short read getting salt\n");
+		return 0;
+	}
+
 	return 1;
 }
 
-- 
2.25.1