diff -up cracklib-2.9.0/lib/fascist.c.reentrant cracklib-2.9.0/lib/fascist.c

--- cracklib-2.9.0/lib/fascist.c.reentrant	2013-06-01 16:52:33.000000000 +0200

+++ cracklib-2.9.0/lib/fascist.c	2013-08-21 15:31:18.700090735 +0200

@@ -36,8 +36,8 @@ typedef unsigned short uint16_t;

 #undef DEBUG

 #undef DEBUG2

-extern char *Reverse(char *buf);

-extern char *Lowercase(char *buf);

+extern char *Reverse(char *buf, char *area);

+extern char *Lowercase(char *buf, char *area);

 static char *r_destructors[] = {

     ":",                        /* noop - must do this to test raw word. */

@@ -439,6 +439,8 @@ GTry(rawtext, password)

     int i;

     int len;

     char *mp;

+    char area[STRINGSIZE];

+    char revarea[STRINGSIZE];

     /* use destructors to turn password into rawtext */

     /* note use of Reverse() to save duplicating all rules */

@@ -447,7 +449,7 @@ GTry(rawtext, password)

     for (i = 0; r_destructors[i]; i++)

     {

-	if (!(mp = Mangle(password, r_destructors[i])))

+	if (!(mp = Mangle(password, r_destructors[i], area)))

 	{

 	    continue;

 	}

@@ -462,10 +464,10 @@ GTry(rawtext, password)

 	}

 #ifdef DEBUG

-	printf("%-16s = %-16s (destruct %s reversed)\n", Reverse(mp), rawtext, r_destructors[i]);

+	printf("%-16s = %-16s (destruct %s reversed)\n", Reverse(mp, revarea), rawtext, r_destructors[i]);

 #endif

-	if (!strncmp(Reverse(mp), rawtext, len))

+	if (!strncmp(Reverse(mp, revarea), rawtext, len))

 	{

 	    return (1);

 	}

@@ -473,7 +475,7 @@ GTry(rawtext, password)

     for (i = 0; r_constructors[i]; i++)

     {

-	if (!(mp = Mangle(rawtext, r_constructors[i])))

+	if (!(mp = Mangle(rawtext, r_constructors[i], area)))

 	{

 	    continue;

 	}

@@ -520,7 +522,7 @@ FascistGecosUser(char *password, const c

     strncpy(tbuffer, gecos, STRINGSIZE);

     tbuffer[STRINGSIZE-1] = '\0';

-    strcpy(gbuffer, Lowercase(tbuffer));

+    Lowercase(tbuffer, gbuffer);

     wc = 0;

     ptr = gbuffer;

@@ -695,6 +697,7 @@ FascistLookUser(PWDICT *pwp, char *instr

     char junk[STRINGSIZE];

     char *password;

     char rpassword[STRINGSIZE];

+    char area[STRINGSIZE];

     uint32_t notfound;

     notfound = PW_WORDS(pwp);

@@ -731,7 +734,7 @@ FascistLookUser(PWDICT *pwp, char *instr

 	return _("it does not contain enough DIFFERENT characters");

     }

-    strcpy(password, (char *)Lowercase(password));

+    strcpy(password, (char *)Lowercase(password, area));

     Trim(password);

@@ -787,7 +790,7 @@ FascistLookUser(PWDICT *pwp, char *instr

     {

 	char *a;

-	if (!(a = Mangle(password, r_destructors[i])))

+	if (!(a = Mangle(password, r_destructors[i], area)))

 	{

 	    continue;

 	}

@@ -802,13 +805,13 @@ FascistLookUser(PWDICT *pwp, char *instr

 	}

     }

-    strcpy(password, (char *)Reverse(password));

+    strcpy(password, (char *)Reverse(password, area));

     for (i = 0; r_destructors[i]; i++)

     {

 	char *a;

-	if (!(a = Mangle(password, r_destructors[i])))

+	if (!(a = Mangle(password, r_destructors[i], area)))

 	{

 	    continue;

 	}

diff -up cracklib-2.9.0/lib/packer.h.in.reentrant cracklib-2.9.0/lib/packer.h.in

--- cracklib-2.9.0/lib/packer.h.in.reentrant	2013-08-21 15:29:24.245641356 +0200

+++ cracklib-2.9.0/lib/packer.h.in	2013-08-21 15:29:24.247641399 +0200

@@ -86,7 +86,7 @@ extern int PWClose(PWDICT *pwp);

 extern unsigned int FindPW(PWDICT *pwp, char *string);

 extern int PutPW(PWDICT *pwp, char *string);

 extern int PMatch(char *control, char *string);

-extern char *Mangle(char *input, char *control);

+extern char *Mangle(char *input, char *control, char *area);

 extern char Chop(char *string);

 extern char *Trim(char *string);

 extern char *FascistLook(PWDICT *pwp, char *instring);

diff -up cracklib-2.9.0/lib/packlib.c.reentrant cracklib-2.9.0/lib/packlib.c

--- cracklib-2.9.0/lib/packlib.c.reentrant	2013-08-21 15:29:24.245641356 +0200

+++ cracklib-2.9.0/lib/packlib.c	2013-08-21 15:29:24.247641399 +0200

@@ -67,8 +67,8 @@ PWOpen(prefix, mode)

     char *mode;

 {

     int use64 = 0;

-    static PWDICT pdesc;

-    static PWDICT64 pdesc64;

+    PWDICT *pdesc;

+    PWDICT64 pdesc64;

     char iname[STRINGSIZE];

     char dname[STRINGSIZE];

     char wname[STRINGSIZE];

@@ -76,15 +76,13 @@ PWOpen(prefix, mode)

     FILE *ifp;

     FILE *wfp;

-    if (pdesc.header.pih_magic == PIH_MAGIC)

-    {

-	fprintf(stderr, "%s: another dictionary already open\n", prefix);

-	return ((PWDICT *) 0);

-    }

+    pdesc = malloc(sizeof(*pdesc));

+    if (pdesc == NULL)

+	return NULL;

-    memset(&pdesc, '\0', sizeof(pdesc));

+    memset(pdesc, '\0', sizeof(*pdesc));

     memset(&pdesc64, '\0', sizeof(pdesc64));

-    pdesc.prevblock = 0xffffffff;

+    pdesc->prevblock = 0xffffffff;

     snprintf(iname, STRINGSIZE, "%s.pwi", prefix);

     snprintf(dname, STRINGSIZE, "%s.pwd", prefix);

@@ -92,77 +90,80 @@ PWOpen(prefix, mode)

     if (mode[0] == 'r')

     {

-		pdesc.flags &= ~PFOR_USEZLIB;

+		pdesc->flags &= ~PFOR_USEZLIB;

 		/* first try the normal db file */

-		if (!(pdesc.dfp = fopen(dname, mode)))

+		if (!(pdesc->dfp = fopen(dname, mode)))

 		{

 #ifdef HAVE_ZLIB_H

-			pdesc.flags |= PFOR_USEZLIB;

+			pdesc->flags |= PFOR_USEZLIB;

 			/* try extension .gz */

 			snprintf(dname, STRINGSIZE, "%s.pwd.gz", prefix);

-			if (!(pdesc.dfp = gzopen(dname, mode)))

+			if (!(pdesc->dfp = gzopen(dname, mode)))

 			{

 				perror(dname);

+				free(pdesc);

 				return ((PWDICT *) 0);

 			}

 #else

 		perror(dname);

+		free(pdesc);

 		return ((PWDICT *) 0);

 #endif

 		}

 	}

 	else

 	{

-		pdesc.flags &= ~PFOR_USEZLIB;

+		pdesc->flags &= ~PFOR_USEZLIB;

 		/* write mode: use fopen */

-		if (!(pdesc.dfp = fopen(dname, mode)))

+		if (!(pdesc->dfp = fopen(dname, mode)))

 		{

 			perror(dname);

+			free(pdesc);

 			return ((PWDICT *) 0);

 		}

 	}

-    if (!(pdesc.ifp = fopen(iname, mode)))

+    if (!(pdesc->ifp = fopen(iname, mode)))

     {

 #ifdef HAVE_ZLIB_H

-		if(pdesc.flags & PFOR_USEZLIB)

-			gzclose(pdesc.dfp);

+		if(pdesc->flags & PFOR_USEZLIB)

+			gzclose(pdesc->dfp);

 		else

 #endif

-			fclose(pdesc.dfp);

+			fclose(pdesc->dfp);

 	perror(iname);

+	free(pdesc);

 	return ((PWDICT *) 0);

     }

-    if ((pdesc.wfp = fopen(wname, mode)))

+    if ((pdesc->wfp = fopen(wname, mode)))

     {

-	pdesc.flags |= PFOR_USEHWMS;

+	pdesc->flags |= PFOR_USEHWMS;

     }

-    ifp = pdesc.ifp;

-    dfp = pdesc.dfp;

-    wfp = pdesc.wfp;

+    ifp = pdesc->ifp;

+    dfp = pdesc->dfp;

+    wfp = pdesc->wfp;

     if (mode[0] == 'w')

     {

-	pdesc.flags |= PFOR_WRITE;

-	pdesc.header.pih_magic = PIH_MAGIC;

-	pdesc.header.pih_blocklen = NUMWORDS;

-	pdesc.header.pih_numwords = 0;

+	pdesc->flags |= PFOR_WRITE;

+	pdesc->header.pih_magic = PIH_MAGIC;

+	pdesc->header.pih_blocklen = NUMWORDS;

+	pdesc->header.pih_numwords = 0;

-	fwrite((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp);

+	fwrite((char *) &pdesc->header, sizeof(pdesc->header), 1, ifp);

     } else

     {

-	pdesc.flags &= ~PFOR_WRITE;

+	pdesc->flags &= ~PFOR_WRITE;

-	if (!fread((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp))

+	if (!fread((char *) &pdesc->header, sizeof(pdesc->header), 1, ifp))

 	{

 	    fprintf(stderr, "%s: error reading header\n", prefix);

-	    pdesc.header.pih_magic = 0;

 	    fclose(ifp);

 #ifdef HAVE_ZLIB_H

-		if(pdesc.flags & PFOR_USEZLIB)

+		if(pdesc->flags & PFOR_USEZLIB)

 			gzclose(dfp);

 		else

 #endif

@@ -171,21 +172,21 @@ PWOpen(prefix, mode)

 	    {

 		fclose(wfp);

 	    }

+	    free(pdesc);

 	    return ((PWDICT *) 0);

 	}

-        if ((pdesc.header.pih_magic == 0) || (pdesc.header.pih_numwords == 0))

+        if ((pdesc->header.pih_magic == 0) || (pdesc->header.pih_numwords == 0))

         {

             /* uh-oh. either a broken "64-bit" file or a garbage file. */

             rewind (ifp);

             if (!fread((char *) &pdesc64.header, sizeof(pdesc64.header), 1, ifp))

             {

                 fprintf(stderr, "%s: error reading header\n", prefix);

- 

-                pdesc.header.pih_magic = 0;

+

                 fclose(ifp);

 #ifdef HAVE_ZLIB_H

-				if(pdesc.flags & PFOR_USEZLIB)

+				if(pdesc->flags & PFOR_USEZLIB)

 					gzclose(dfp);

 				else

 #endif

@@ -194,17 +195,17 @@ PWOpen(prefix, mode)

 		{

 			fclose(wfp);

 		}

+		free(pdesc);

                 return ((PWDICT *) 0);

             }

             if (pdesc64.header.pih_magic != PIH_MAGIC)

             {

                 /* nope, not "64-bit" after all */

                 fprintf(stderr, "%s: error reading header\n", prefix);

- 

-                pdesc.header.pih_magic = 0;

+

                 fclose(ifp);

 #ifdef HAVE_ZLIB_H

-				if(pdesc.flags & PFOR_USEZLIB)

+				if(pdesc->flags & PFOR_USEZLIB)

 					gzclose(dfp);

 				else

 #endif

@@ -214,23 +215,23 @@ PWOpen(prefix, mode)

 		{

 			fclose(wfp);

 		}

+		free(pdesc);

                 return ((PWDICT *) 0);

             }

-            pdesc.header.pih_magic = pdesc64.header.pih_magic;

-            pdesc.header.pih_numwords = pdesc64.header.pih_numwords;

-            pdesc.header.pih_blocklen = pdesc64.header.pih_blocklen;

-            pdesc.header.pih_pad = pdesc64.header.pih_pad;

+            pdesc->header.pih_magic = pdesc64.header.pih_magic;

+            pdesc->header.pih_numwords = pdesc64.header.pih_numwords;

+            pdesc->header.pih_blocklen = pdesc64.header.pih_blocklen;

+            pdesc->header.pih_pad = pdesc64.header.pih_pad;

             use64 = 1;

         }

-	if (pdesc.header.pih_magic != PIH_MAGIC)

+	if (pdesc->header.pih_magic != PIH_MAGIC)

 	{

 	    fprintf(stderr, "%s: magic mismatch\n", prefix);

-	    pdesc.header.pih_magic = 0;

 	    fclose(ifp);

 #ifdef HAVE_ZLIB_H

-		if(pdesc.flags & PFOR_USEZLIB)

+		if(pdesc->flags & PFOR_USEZLIB)

 			gzclose(dfp);

 		else

 #endif

@@ -240,17 +241,17 @@ PWOpen(prefix, mode)

 	    {

 		fclose(wfp);

 	    }

+	    free(pdesc);

 	    return ((PWDICT *) 0);

 	}

-        if (pdesc.header.pih_numwords < 1)

+        if (pdesc->header.pih_numwords < 1)

         {

             fprintf(stderr, "%s: invalid word count\n", prefix);

-            pdesc.header.pih_magic = 0;

             fclose(ifp);

 #ifdef HAVE_ZLIB_H

-			if(pdesc.flags & PFOR_USEZLIB)

+			if(pdesc->flags & PFOR_USEZLIB)

 				gzclose(dfp);

 			else

 #endif

@@ -259,17 +260,17 @@ PWOpen(prefix, mode)

 	    {

 		fclose(wfp);

 	    }

+	    free(pdesc);

             return ((PWDICT *) 0);

         }

-	if (pdesc.header.pih_blocklen != NUMWORDS)

+	if (pdesc->header.pih_blocklen != NUMWORDS)

 	{

 	    fprintf(stderr, "%s: size mismatch\n", prefix);

-	    pdesc.header.pih_magic = 0;

 	    fclose(ifp);

 #ifdef HAVE_ZLIB_H

-		if(pdesc.flags & PFOR_USEZLIB)

+		if(pdesc->flags & PFOR_USEZLIB)

 			gzclose(dfp);

 		else

 #endif

@@ -278,10 +279,11 @@ PWOpen(prefix, mode)

 	    {

 		fclose(wfp);

 	    }

+	    free(pdesc);

 	    return ((PWDICT *) 0);

 	}

-	if (pdesc.flags & PFOR_USEHWMS)

+	if (pdesc->flags & PFOR_USEHWMS)

 	{

             int i;

@@ -289,27 +291,27 @@ PWOpen(prefix, mode)

             {

                 if (fread(pdesc64.hwms, 1, sizeof(pdesc64.hwms), wfp) != sizeof(pdesc64.hwms))

                 {

-                    pdesc.flags &= ~PFOR_USEHWMS;

+                    pdesc->flags &= ~PFOR_USEHWMS;

                 }

-                for (i = 0; i < sizeof(pdesc.hwms) / sizeof(pdesc.hwms[0]); i++)

+                for (i = 0; i < sizeof(pdesc->hwms) / sizeof(pdesc->hwms[0]); i++)

                 {

-                    pdesc.hwms[i] = pdesc64.hwms[i];

+                    pdesc->hwms[i] = pdesc64.hwms[i];

                 }

             } 

-            else if (fread(pdesc.hwms, 1, sizeof(pdesc.hwms), wfp) != sizeof(pdesc.hwms))

+            else if (fread(pdesc->hwms, 1, sizeof(pdesc->hwms), wfp) != sizeof(pdesc->hwms))

 	    {

-		pdesc.flags &= ~PFOR_USEHWMS;

+		pdesc->flags &= ~PFOR_USEHWMS;

 	    }

 #if DEBUG

             for (i=1; i<=0xff; i++)

             {

-                printf("hwm[%02x] = %d\n", i, pdesc.hwms[i]);

+                printf("hwm[%02x] = %d\n", i, pdesc->hwms[i]);

             }

 #endif

 	}

     }

-    return (&pdesc);

+    return (pdesc);

 }

 int

@@ -319,6 +321,7 @@ PWClose(pwp)

     if (pwp->header.pih_magic != PIH_MAGIC)

     {

 	fprintf(stderr, "PWClose: close magic mismatch\n");

+        /* we do not try to free memory that is probably corrupted */

 	return (-1);

     }

@@ -330,12 +333,14 @@ PWClose(pwp)

 	if (fseek(pwp->ifp, 0L, 0))

 	{

 	    fprintf(stderr, "index magic fseek failed\n");

+	    free(pwp);

 	    return (-1);

 	}

 	if (!fwrite((char *) &pwp->header, sizeof(pwp->header), 1, pwp->ifp))

 	{

 	    fprintf(stderr, "index magic fwrite failed\n");

+            free(pwp);

 	    return (-1);

 	}

@@ -369,6 +374,7 @@ PWClose(pwp)

     }

     pwp->header.pih_magic = 0;

+    free(pwp);

     return (0);

 }

diff -up cracklib-2.9.0/lib/rules.c.reentrant cracklib-2.9.0/lib/rules.c

--- cracklib-2.9.0/lib/rules.c.reentrant	2013-06-01 16:47:13.000000000 +0200

+++ cracklib-2.9.0/lib/rules.c	2013-08-21 15:29:24.247641399 +0200

@@ -82,12 +82,12 @@ Suffix(myword, suffix)

 }

 char *

-Reverse(str)			/* return a pointer to a reversal */

+Reverse(str, area)			/* return a pointer to a reversal */

     register char *str;

+    char *area;

 {

     register int i;

     register int j;

-    static char area[STRINGSIZE];

     j = i = strlen(str);

     while (*str)

     {

@@ -98,11 +98,11 @@ Reverse(str)			/* return a pointer to a

 }

 char *

-Uppercase(str)			/* return a pointer to an uppercase */

+Uppercase(str, area)			/* return a pointer to an uppercase */

     register char *str;

+    char *area;

 {

     register char *ptr;

-    static char area[STRINGSIZE];

     ptr = area;

     while (*str)

     {

@@ -115,11 +115,11 @@ Uppercase(str)			/* return a pointer to

 }

 char *

-Lowercase(str)			/* return a pointer to an lowercase */

+Lowercase(str, area)			/* return a pointer to an lowercase */

     register char *str;

+    char *area;

 {

     register char *ptr;

-    static char area[STRINGSIZE];

     ptr = area;

     while (*str)

     {

@@ -132,11 +132,11 @@ Lowercase(str)			/* return a pointer to

 }

 char *

-Capitalise(str)			/* return a pointer to an capitalised */

+Capitalise(str, area)			/* return a pointer to an capitalised */

     register char *str;

+    char *area;

 {

     register char *ptr;

-    static char area[STRINGSIZE];

     ptr = area;

     while (*str)

@@ -151,11 +151,11 @@ Capitalise(str)			/* return a pointer to

 }

 char *

-Pluralise(string)		/* returns a pointer to a plural */

+Pluralise(string, area)		/* returns a pointer to a plural */

     register char *string;

+    char *area;

 {

     register int length;

-    static char area[STRINGSIZE];

     length = strlen(string);

     strcpy(area, string);

@@ -192,13 +192,13 @@ Pluralise(string)		/* returns a pointer

 }

 char *

-Substitute(string, old, new)	/* returns pointer to a swapped about copy */

+Substitute(string, old, new, area)	/* returns pointer to a swapped about copy */

     register char *string;

     register char old;

     register char new;

+    char *area;

 {

     register char *ptr;

-    static char area[STRINGSIZE];

     ptr = area;

     while (*string)

     {

@@ -210,12 +210,12 @@ Substitute(string, old, new)	/* returns

 }

 char *

-Purge(string, target)		/* returns pointer to a purged copy */

+Purge(string, target, area)		/* returns pointer to a purged copy */

     register char *string;

     register char target;

+    char *area;

 {

     register char *ptr;

-    static char area[STRINGSIZE];

     ptr = area;

     while (*string)

     {

@@ -372,13 +372,13 @@ PolyStrchr(string, class)

 }

 char *

-PolySubst(string, class, new)	/* returns pointer to a swapped about copy */

+PolySubst(string, class, new, area)	/* returns pointer to a swapped about copy */

     register char *string;

     register char class;

     register char new;

+    char *area;

 {

     register char *ptr;

-    static char area[STRINGSIZE];

     ptr = area;

     while (*string)

     {

@@ -390,12 +390,12 @@ PolySubst(string, class, new)	/* returns

 }

 char *

-PolyPurge(string, class)	/* returns pointer to a purged copy */

+PolyPurge(string, class, area)	/* returns pointer to a purged copy */

     register char *string;

     register char class;

+    char *area;

 {

     register char *ptr;

-    static char area[STRINGSIZE];

     ptr = area;

     while (*string)

     {

@@ -428,40 +428,41 @@ Char2Int(character)

 }

 char *

-Mangle(input, control)		/* returns a pointer to a controlled Mangle */

+Mangle(input, control, area)		/* returns a pointer to a controlled Mangle */

     char *input;

     char *control;

+    char *area;

 {

     int limit;

     register char *ptr;

-    static char area[STRINGSIZE];

     char area2[STRINGSIZE];

     area[0] = '\0';

     strcpy(area, input);

     for (ptr = control; *ptr; ptr++)

     {

+	strcpy(area2, area);

 	switch (*ptr)

 	{

 	case RULE_NOOP:

 	    break;

 	case RULE_REVERSE:

-	    strcpy(area, Reverse(area));

+	    Reverse(area2, area);

 	    break;

 	case RULE_UPPERCASE:

-	    strcpy(area, Uppercase(area));

+	    Uppercase(area2, area);

 	    break;

 	case RULE_LOWERCASE:

-	    strcpy(area, Lowercase(area));

+	    Lowercase(area2, area);

 	    break;

 	case RULE_CAPITALISE:

-	    strcpy(area, Capitalise(area));

+	    Capitalise(area2, area);

 	    break;

 	case RULE_PLURALISE:

-	    strcpy(area, Pluralise(area));

+	    Pluralise(area2, area);

 	    break;

 	case RULE_REFLECT:

-	    strcat(area, Reverse(area));

+	    strcat(area, Reverse(area, area2));

 	    break;

 	case RULE_DUPLICATE:

 	    strcpy(area2, area);

@@ -548,7 +549,6 @@ Mangle(input, control)		/* returns a poi

 		    Debug(1, "Mangle: extract: weird argument in '%s'\n", control);

 		    return ((char *) 0);

 		}

-		strcpy(area2, area);

 		for (i = 0; length-- && area2[start + i]; i++)

 		{

 		    area[i] = area2[start + i];

@@ -619,10 +619,10 @@ Mangle(input, control)		/* returns a poi

 		return ((char *) 0);

 	    } else if (ptr[1] != RULE_CLASS)

 	    {

-		strcpy(area, Purge(area, *(++ptr)));

+		Purge(area2, *(++ptr), area);

 	    } else

 	    {

-		strcpy(area, PolyPurge(area, ptr[2]));

+		PolyPurge(area2, ptr[2], area);

 		ptr += 2;

 	    }

 	    break;

@@ -633,11 +633,11 @@ Mangle(input, control)		/* returns a poi

 		return ((char *) 0);

 	    } else if (ptr[1] != RULE_CLASS)

 	    {

-		strcpy(area, Substitute(area, ptr[1], ptr[2]));

+		Substitute(area2, ptr[1], ptr[2], area);

 		ptr += 2;

 	    } else

 	    {

-		strcpy(area, PolySubst(area, ptr[2], ptr[3]));

+		PolySubst(area2, ptr[2], ptr[3], area);

 		ptr += 3;

 	    }

 	    break;