X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=libbb%2Fcorrect_password.c;h=f47642fd5a8ff8a2ab0cafc70ef13c38353a5e20;hb=d50dda8c3501af9d593cd11272a15b480864a01c;hp=f1793cd17399b5992e976d92596dd49327863342;hpb=54e19da86d5496ec5f5787b85a2b6342be1d63d4;p=oweals%2Fbusybox.git
diff --git a/libbb/correct_password.c b/libbb/correct_password.c
index f1793cd17..f47642fd5 100644
--- a/libbb/correct_password.c
+++ b/libbb/correct_password.c
@@ -40,6 +40,12 @@ int correct_password(const struct passwd *pw)
 {
 char *unencrypted, *encrypted;
 const char *correct;
+ int r;
+#if ENABLE_FEATURE_SHADOWPASSWDS
+ /* Using _r function to avoid pulling in static buffers */
+ struct spwd spw;
+ char buffer[256];
+#endif
 /* fake salt. crypt() can choke otherwise. */
 correct = "aa";
@@ -50,11 +56,11 @@ int correct_password(const struct passwd *pw)
 correct = pw->pw_passwd;
 #if ENABLE_FEATURE_SHADOWPASSWDS
 if ((correct[0] == 'x' || correct[0] == '*') && !correct[1]) {
- /* Using _r function to avoid pulling in static buffers */
- struct spwd spw;
- struct spwd *result;
- char buffer[256];
- correct = (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result)) ? "aa" : spw.sp_pwdp;
+ /* getspnam_r may return 0 yet set result to NULL.
+ * At least glibc 2.4 does this. Be extra paranoid here. */
+ struct spwd *result = NULL;
+ r = getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result);
+ correct = (r || !result) ? "aa" : result->sp_pwdp;
 }
 #endif
@@ -66,7 +72,9 @@ int correct_password(const struct passwd *pw)
 if (!unencrypted) {
 return 0;
 }
- encrypted = crypt(unencrypted, correct);
+ encrypted = pw_encrypt(unencrypted, correct, 1);
+ r = (strcmp(encrypted, correct) == 0);
+ free(encrypted);
 memset(unencrypted, 0, strlen(unencrypted));
- return strcmp(encrypted, correct) == 0;
+ return r;
 }
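Review bot: Every failure of `getspnam_r` in the second hunk, including `ERANGE` from the fixed 256-byte `buffer` declared in the first hunk, is folded into the fake salt `"aa"` with no trace, so a shadow entry that does not fit the buffer is indistinguishable from a wrong password. That appears to fail closed, which is the safe direction, but the intent deserves a comment on the ternary, e.g. `/* lookup failed or entry too large: keep the fake salt so the later compare cannot match */`. `r` also carries the `getspnam_r` status here and the comparison result in the last hunk; a separate local for each meaning would read more clearly. The enclosing block starts outside the hunk.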
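Review bot: The return value of `pw_encrypt()` goes straight into `strcmp()` in the added lines of the last hunk with no NULL check; `pw_encrypt` is defined outside this diff, so whether it can return NULL (as `crypt()` does on some libcs for a malformed salt) is not visible here. If it can, a guard keeps the failure a denied login rather than a crash: `r = (encrypted != NULL && strcmp(encrypted, correct) == 0);` (`free(NULL)` is a no-op). The computed hash is also freed without being wiped while the cleartext on the following line is zeroed, and `strcmp` stops at the first differing byte; wiping `encrypted` before `free` and using a fixed-time compare would be cheap hardening. The body of `correct_password` starts outside the hunk.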