From 8c653cd038f9cc6202aacf03fa745ca3b01de401 Mon Sep 17 00:00:00 2001 From: Joe Orton Date: Jun 06 2012 13:17:13 +0000 Subject: fix crypt_r failure modes (#819650) Resolves: rhbz#819650
---
diff --git a/apr-util-1.4.1-r1346875.patch b/apr-util-1.4.1-r1346875.patch
new file mode 100644
index 0000000..3a2743c
--- /dev/null
+++ b/apr-util-1.4.1-r1346875.patch
@@ -0,0 +1,38 @@
+
+https://bugzilla.redhat.com/show_bug.cgi?id=819650
+
+http://svn.apache.org/viewvc?view=revision&revision=1346875
+
+--- apr-util-1.4.1/crypto/apr_md5.c.r1346875
++++ apr-util-1.4.1/crypto/apr_md5.c
+@@ -721,6 +721,9 @@ APU_DECLARE(apr_status_t) apr_password_v
+ CRYPTD buffer;
+
+ crypt_pw = crypt_r(passwd, hash, &buffer);
++ if (!crypt_pw) {
++ return APR_EMISMATCH;
++ }
+ apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1);
+ #elif defined(CRYPT_R_STRUCT_CRYPT_DATA)
+ struct crypt_data buffer;
+@@ -732,6 +735,9 @@ APU_DECLARE(apr_status_t) apr_password_v
+ */
+ memset(&buffer, 0, sizeof(buffer));
+ crypt_pw = crypt_r(passwd, hash, &buffer);
++ if (!crypt_pw) {
++ return APR_EMISMATCH;
++ }
+ apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1);
+ #else
+ /* Do a bit of sanity checking since we know that crypt_r()
+@@ -748,6 +754,10 @@ APU_DECLARE(apr_status_t) apr_password_v
+ */
+ crypt_mutex_lock();
+ crypt_pw = crypt(passwd, hash);
++ if (!crypt_pw) {
++ crypt_mutex_unlock();
++ return APR_EMISMATCH;
++ }
+ apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1);
+ crypt_mutex_unlock();
+ #endif
diff --git a/apr-util.spec b/apr-util.spec
index 869d830..4b3bb18 100644
--- a/apr-util.spec
+++ b/apr-util.spec
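Review bot: The three added `if (!crypt_pw)` checks in the embedded apr_md5.c patch (inner hunks at 721, 732 and 748) return `APR_EMISMATCH` with no comment and without preserving `errno`, so a hash that crypt()/crypt_r() cannot process on this system is reported exactly like a wrong password. Failing closed is the right outcome for a password check, but it should be stated as deliberate, for example `/* crypt_r() returns NULL on failure; fail closed and report a mismatch rather than pass NULL to apr_cpystrn() */` above the first check. Whether callers need to tell the two cases apart for logging cannot be seen from these hunks; if they do, that would need a distinct status rather than a comment. The function (truncated to `apr_password_v` in the hunk headers) starts and ends outside the hunks, so the later comparison against `hash` is not visible here.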
@@ -10,13 +10,14 @@ Summary: Apache Portable Runtime Utility library Name: apr-util Version: 1.4.1 -Release: 3%{?dist} +Release: 4%{?dist} License: ASL 2.0 Group: System Environment/Libraries URL: http://apr.apache.org/ Source0: http://www.apache.org/dist/apr/%{name}-%{version}.tar.bz2 Patch1: apr-util-1.2.7-pkgconf.patch Patch2: apr-util-1.3.7-nodbmdso.patch +Patch3: apr-util-1.4.1-r1346875.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot BuildRequires: autoconf, apr-devel >= 1.3.0 BuildRequires: %{dbdep}, expat-devel, libuuid-devel @@ -120,6 +121,7 @@ This package provides the NSS crypto support for the apr-util. %setup -q %patch1 -p1 -b .pkgconf %patch2 -p1 -b .nodbmdso +%patch3 -p1 -b .r1346875 %build autoheader && autoconf @@ -224,6 +226,9 @@ rm -rf $RPM_BUILD_ROOT %{_datadir}/aclocal/*.m4 %changelog +* Wed Jun 6 2012 Joe Orton - 1.4.1-4 +- fix crypt_r failure modes (#819650) + * Tue Apr 24 2012 Joe Orton - 1.4.1-3 - apply _isa to deps