*: use llist_pop for traverse-and-free list operation

[oweals/busybox.git] / libbb / correct_password.c

diff --git a/libbb/correct_password.c b/libbb/correct_password.c
index f1793cd17399b5992e976d92596dd49327863342..f47642fd5a8ff8a2ab0cafc70ef13c38353a5e20 100644 (file)
--- a/libbb/correct_password.c
+++ b/libbb/correct_password.c
@@ -40,6 +40,12 @@ int correct_password(const struct passwd *pw)
 {
        char *unencrypted, *encrypted;
        const char *correct;
+       int r;
+#if ENABLE_FEATURE_SHADOWPASSWDS
+       /* Using _r function to avoid pulling in static buffers */
+       struct spwd spw;
+       char buffer[256];
+#endif
 
        /* fake salt. crypt() can choke otherwise. */
        correct = "aa";
@@ -50,11 +56,11 @@ int correct_password(const struct passwd *pw)
        correct = pw->pw_passwd;
 #if ENABLE_FEATURE_SHADOWPASSWDS
        if ((correct[0] == 'x' || correct[0] == '*') && !correct[1]) {
-               /* Using _r function to avoid pulling in static buffers */
-               struct spwd spw;
-               struct spwd *result;
-               char buffer[256];
-               correct = (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result)) ? "aa" : spw.sp_pwdp;
+               /* getspnam_r may return 0 yet set result to NULL.
+                * At least glibc 2.4 does this. Be extra paranoid here. */
+               struct spwd *result = NULL;
+               r = getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result);
+               correct = (r || !result) ? "aa" : result->sp_pwdp;
        }
 #endif
 
@@ -66,7 +72,9 @@ int correct_password(const struct passwd *pw)
        if (!unencrypted) {
                return 0;
        }
-       encrypted = crypt(unencrypted, correct);
+       encrypted = pw_encrypt(unencrypted, correct, 1);
+       r = (strcmp(encrypted, correct) == 0);
+       free(encrypted);
        memset(unencrypted, 0, strlen(unencrypted));
-       return strcmp(encrypted, correct) == 0;
+       return r;
 }