remove echo_main -> bb_echo indirection

[oweals/busybox.git] / libbb / correct_password.c

diff --git a/libbb/correct_password.c b/libbb/correct_password.c
index 815c51c43f5af2ac75116b12c976ccfd5a9ed469..96bb10e0b465f83be79eb1e1a22a557771a898c4 100644 (file)
--- a/libbb/correct_password.c
+++ b/libbb/correct_password.c
@@ -40,6 +40,11 @@ int correct_password(const struct passwd *pw)
 {
        char *unencrypted, *encrypted;
        const char *correct;
+#if ENABLE_FEATURE_SHADOWPASSWDS
+       /* Using _r function to avoid pulling in static buffers */
+       struct spwd spw;
+       char buffer[256];
+#endif
 
        /* fake salt. crypt() can choke otherwise. */
        correct = "aa";
@@ -50,17 +55,15 @@ int correct_password(const struct passwd *pw)
        correct = pw->pw_passwd;
 #if ENABLE_FEATURE_SHADOWPASSWDS
        if ((correct[0] == 'x' || correct[0] == '*') && !correct[1]) {
-               /* Using _r function to avoid pulling in static buffers */
-               struct spwd spw;
-               struct spwd *result;
-               char buffer[256];
-               if (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result) == 0)
-                       correct = spw.sp_pwdp;
-               /* else: no valid shadow password, checking ordinary one */
+               /* getspnam_r may return 0 yet set result to NULL.
+                * At least glibc 2.4 does this. Be extra paranoid here. */
+               struct spwd *result = NULL;
+               int r = getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result);
+               correct = (r || !result) ? "aa" : result->sp_pwdp;
        }
 #endif
 
-       if (!correct || correct[0] == '\0')
+       if (!correct[0]) /* empty password field? */
                return 1;
 
  fake_it: