author | Kaz Kylheku <kaz@kylheku.com> | 2020-02-14 21:55:24 -0800 |
---|---|---|
committer | Kaz Kylheku <kaz@kylheku.com> | 2020-02-14 21:55:24 -0800 |
commit | c3a0ceb2cea1a9d43f2baf5a2e63d0d712c8df19 (patch) | |
tree | 242ffa74838fcffdc039fce1cd58fc84a220a743 /args.c | |
parent | 176185cd6530bad1f8c3b36fe54bcab7580260ff (diff) | |
crypt: harden against crashes.

The crypt function on glibc, and maybe other platforms, simply
crashes when given a perfectly valid salt string that contains
invalid salt syntax. This is nasty; we want TXR Lisp
library functions to be robust; bringing down the image is not
acceptable.

Also, crypt may return a null pointer. glibc's crypt does
this in certain situations, like when the "2a" (Blowfish)
algorithm is specified when not available. We are not checking
for this null return, in which case the ensuing crash is our
fault.

* sysif.c (salt_char_p, validate_salt): New functions.
(crypt_wrap): Validate the salt via validate_salt.
Check the return value from crypt/crypt_r; if null,
then throw an exception that incorporates the errno
information.
Diffstat (limited to 'args.c')
0 files changed, 0 insertions, 0 deletions
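
The two checks the commit message describes (reject malformed salt syntax before calling crypt, and treat a null return as an error carrying errno), as an added example that is not TXR's code. The names `salt_looks_valid`, `checked_crypt` and `crypt_fn`, the narrowed salt grammar, and the stub functions are assumptions made for illustration; the `*` failure-token check covers libxcrypt-style error returns and goes beyond what the message mentions.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
/* Same signature as crypt(3); injected so the example runs without libcrypt. */
typedef char *(*crypt_fn)(const char *key, const char *salt);
static const char SALT_CHARS[] = "abcdefghijklmnopqrstuvwxyz"
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";

/* Assumed grammar: two salt characters, or "$id$[rounds=N$]salt[$...]". */
int salt_looks_valid(const char *s)
{
    size_t n;
    if (s == NULL) return 0;
    if (*s != '$') return strspn(s, SALT_CHARS) >= 2;   /* traditional salt */
    n = strspn(++s, SALT_CHARS);                        /* algorithm id */
    if (n == 0 || s[n] != '$') return 0;
    s += n + 1;
    if (strncmp(s, "rounds=", 7) == 0) {                /* optional field */
        n = strspn(s + 7, "0123456789");
        if (n == 0 || s[7 + n] != '$') return 0;
        s += 7 + n + 1;
    }
    n = strspn(s, SALT_CHARS);                          /* non-empty salt */
    return n > 0 && (s[n] == '\0' || s[n] == '$');
}

/* Returns the hash, or NULL with errno set; a bad salt never reaches fn. */
const char *checked_crypt(crypt_fn fn, const char *key, const char *salt)
{
    if (!salt_looks_valid(salt)) { errno = EINVAL; return NULL; }
    errno = 0;
    char *hash = fn(key, salt);
    if (hash == NULL || hash[0] == '*') {   /* NULL, or a "*" failure token */
        if (errno == 0) errno = EINVAL;
        return NULL;
    }
    return hash;
}

/* Constructed stand-ins for crypt(3): one fails with NULL, one succeeds. */
static char *stub_unavailable(const char *k, const char *s) { (void)k; (void)s; errno = ENOSYS; return NULL; }
static char *stub_ok(const char *k, const char *s) { static char h[] = "$6$constructed$hash"; (void)k; (void)s; return h; }

int main(void)
{
    const char *h = checked_crypt(stub_unavailable, "pw", "$2a$10$abcdefghijklmnopqrstuv");
    printf("%s\n", h ? h : strerror(errno));   /* caller reports errno instead of crashing */
    return 0;
}
```

In a real build, pass `crypt` itself as `fn` and link with `-lcrypt`; the validator here deliberately rejects some salts a given libc would accept, such as an empty modular salt.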