[Slackbuilds-users] [SLiM] Potential NULL pointer dereference
niels.horn at gmail.com
Wed Jul 3 09:59:10 UTC 2013
Thanks for the fix!
I'll include it soonish and submit an update.
On Wed, Jul 3, 2013 at 1:55 AM, mancha <mancha1 at hush.com> wrote:
> When SLiM uses crypt() to authenticate and it returns a NULL
> pointer (as glibc 2.17+ does for invalid input such as a
> locked account with a "!" prepended password field), then
> logging in to such an account via SLiM crashes the daemon.
> slim: segfault at 0 ip b7220909 sp bf85deb4 error 4 in libc-
> I have been in touch with SLiM's primary developer and he
> has committed my fix here:
> This fix applies cleanly to 1.3.5 and prevents the segfaults
> on Slackware-current and is fully backwards compatible
> with older Slackware versions.
> PS. Upon subscribing to the list, my password and other
> info (name, email, etc.) were sent cleartext. Having it
> go over SSL is very easy to do. Here's a good how-to:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the SlackBuilds-users