Prevent crash on failure to source secure randomness

Signed-off-by: DL6ER <[email protected]>
pi-hole · Feb 27, 2025 · 511ddae · 511ddae
1 parent f0a4ac1
commit 511ddae
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/src/config/password.c b/src/config/password.c
@@ -185,7 +185,7 @@ static char * __attribute__((malloc)) balloon_password(const char *password,
 {
 	// Parameter check
 	if(password == NULL || salt == NULL)
-		return NULL;
+		return strdup("");
 
 	struct timespec start, end;
 	// Record starting time
@@ -370,7 +370,7 @@ char * __attribute__((malloc)) create_password(const char *password)
 	// genrandom() returns cryptographically secure random data
 	uint8_t salt[SALT_LEN] = { 0 };
 	if(!get_secure_randomness(salt, sizeof(salt)))
-		return NULL;
+		return strdup("");
 
 	// Generate balloon PHC-encoded password hash
 	return balloon_password(password, salt, true);