diff options
| author | Denis Vlasenko <vda.linux@googlemail.com> | 2007-10-29 19:25:45 +0000 |
|---|---|---|
| committer | Denis Vlasenko <vda.linux@googlemail.com> | 2007-10-29 19:25:45 +0000 |
| commit | 15ca51e3e2a31efc275b616106244d8ec3f8f773 (patch) | |
| tree | e54716fcb612a54cfa72564d9ef089eebe92acbd /libbb/correct_password.c | |
| parent | 5a28a25b9dd81e0975532458723c4244ff532e58 (diff) | |
appletlib.c: make it actally follow _BB_SUID_ALWAYS rules
adduser: implement -S and code shrink / fix uid selection
*: sanitize getspnam_r use
text data bss dec hex filename
777042 974 9676 787692 c04ec busybox_old
776883 974 9676 787533 c044d busybox_unstripped
Diffstat (limited to 'libbb/correct_password.c')
| -rw-r--r-- | libbb/correct_password.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/libbb/correct_password.c b/libbb/correct_password.c index f1793cd17..96bb10e0b 100644 --- a/libbb/correct_password.c +++ b/libbb/correct_password.c @@ -40,6 +40,11 @@ int correct_password(const struct passwd *pw) { char *unencrypted, *encrypted; const char *correct; +#if ENABLE_FEATURE_SHADOWPASSWDS + /* Using _r function to avoid pulling in static buffers */ + struct spwd spw; + char buffer[256]; +#endif /* fake salt. crypt() can choke otherwise. */ correct = "aa"; @@ -50,11 +55,11 @@ int correct_password(const struct passwd *pw) correct = pw->pw_passwd; #if ENABLE_FEATURE_SHADOWPASSWDS if ((correct[0] == 'x' || correct[0] == '*') && !correct[1]) { - /* Using _r function to avoid pulling in static buffers */ - struct spwd spw; - struct spwd *result; - char buffer[256]; - correct = (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result)) ? "aa" : spw.sp_pwdp; + /* getspnam_r may return 0 yet set result to NULL. + * At least glibc 2.4 does this. Be extra paranoid here. */ + struct spwd *result = NULL; + int r = getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result); + correct = (r || !result) ? "aa" : result->sp_pwdp; } #endif |