-#ifdef CONFIG_FEATURE_SHADOWPASSWDS
- if (( strcmp ( pw-> pw_passwd, "x" ) == 0 ) || ( strcmp ( pw-> pw_passwd, "*" ) == 0 )) {
- struct spwd *sp = getspnam ( pw-> pw_name );
-
- if ( !sp )
- bb_error_msg_and_die ( "\nno valid shadow password" );
-
- correct = sp-> sp_pwdp;
+ /* fake salt. crypt() can choke otherwise. */
+ correct = "aa";
+ if (!pw) {
+ /* "aa" will never match */
+ goto fake_it;
+ }
+ correct = pw->pw_passwd;
+#if ENABLE_FEATURE_SHADOWPASSWDS
+ if ((correct[0] == 'x' || correct[0] == '*') && !correct[1]) {
+ /* Using _r function to avoid pulling in static buffers */
+ struct spwd spw;
+ struct spwd *result;
+ char buffer[256];
+ correct = (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result)) ? "aa" : spw.sp_pwdp;