session: fix argument order of crypt() and prevent segfault if /etc/config/rpcd does...

[project/rpcd.git] / session.c

diff --git a/session.c b/session.c
index 9ad1552f00edf41ef64a0e891dab29130c2aa87e..5d403f0854dab746eb4e438faf028e3e19c35494 100644 (file)
--- a/session.c
+++ b/session.c
@@ -792,7 +792,7 @@ rpc_login_test_password(const char *hash, const char *password)
 #endif
        }
 
-       crypt_hash = crypt(hash, password);
+       crypt_hash = crypt(password, hash);
 
        return !strcmp(crypt_hash, hash);
 }
@@ -801,7 +801,7 @@ static struct uci_section *
 rpc_login_test_login(struct uci_context *uci,
                      const char *username, const char *password)
 {
-       struct uci_package *p;
+       struct uci_package *p = NULL;
        struct uci_section *s;
        struct uci_element *e;
        struct uci_ptr ptr = { .package = "rpcd" };
@@ -1042,7 +1042,7 @@ rpc_handle_login(struct ubus_context *ctx, struct ubus_object *obj,
        int timeout = RPC_DEFAULT_SESSION_TIMEOUT;
        int rv = 0;
 
-       blobmsg_parse(acl_policy, __RPC_L_MAX, tb, blob_data(msg), blob_len(msg));
+       blobmsg_parse(login_policy, __RPC_L_MAX, tb, blob_data(msg), blob_len(msg));
 
        if (!tb[RPC_L_USERNAME] || !tb[RPC_L_PASSWORD]) {
                rv = UBUS_STATUS_INVALID_ARGUMENT;