X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=loginutils%2Fsulogin.c;h=77eff9f8dc415b0395a4474c59eb17f1d54484a8;hb=48a29defcaeb3e3bbf32ae6ed3f77de2101e083a;hp=3a1a8e9f5b0ab80fe235828ecfbc9f0e7fedea73;hpb=c9ca0a32745a43eaa6cb6b7b460718de8ccb84f2;p=oweals%2Fbusybox.git

diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c
index 3a1a8e9f5..77eff9f8d 100644
--- a/loginutils/sulogin.c
+++ b/loginutils/sulogin.c
@@ -8,18 +8,17 @@
 #include "libbb.h"
 #include <syslog.h>
 
-//static void catchalarm(int ATTRIBUTE_UNUSED junk)
+//static void catchalarm(int UNUSED_PARAM junk)
 //{
 //	exit(EXIT_FAILURE);
 //}
 
 
 int sulogin_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
-int sulogin_main(int argc, char **argv)
+int sulogin_main(int argc UNUSED_PARAM, char **argv)
 {
 	char *cp;
 	int timeout = 0;
-	char *timeout_arg;
 	struct passwd *pwd;
 	const char *shell;
 #if ENABLE_FEATURE_SHADOWPASSWDS
@@ -31,18 +30,19 @@ int sulogin_main(int argc, char **argv)
 	logmode = LOGMODE_BOTH;
 	openlog(applet_name, 0, LOG_AUTH);
 
-	if (getopt32(argv, "t:", &timeout_arg)) {
-		timeout = xatoi_u(timeout_arg);
-	}
+	opt_complementary = "t+"; /* -t N */
+	getopt32(argv, "t:", &timeout);
+	argv += optind;
 
-	if (argv[optind]) {
+	if (argv[0]) {
 		close(0);
 		close(1);
-		dup(xopen(argv[optind], O_RDWR));
+		dup(xopen(argv[0], O_RDWR));
 		close(2);
 		dup(0);
 	}
 
+	/* Malicious use like "sulogin /dev/sda"? */
 	if (!isatty(0) || !isatty(1) || !isatty(2)) {
 		logmode = LOGMODE_SYSLOG;
 		bb_error_msg_and_die("not a tty");
@@ -51,7 +51,7 @@ int sulogin_main(int argc, char **argv)
 	/* Clear dangerous stuff, set PATH */
 	sanitize_env_if_suid();
 
-// bb_askpass() already handles this
+// bb_ask() already handles this
 //	signal(SIGALRM, catchalarm);
 
 	pwd = getpwuid(0);
@@ -73,8 +73,11 @@ int sulogin_main(int argc, char **argv)
 #endif
 
 	while (1) {
+		char *encrypted;
+		int r;
+
 		/* cp points to a static buffer that is zeroed every time */
-		cp = bb_askpass(timeout,
+		cp = bb_ask(STDIN_FILENO, timeout,
 				"Give root password for system maintenance\n"
 				"(or type Control-D for normal startup):");
 
@@ -82,7 +85,10 @@ int sulogin_main(int argc, char **argv)
 			bb_info_msg("Normal startup");
 			return 0;
 		}
-		if (strcmp(pw_encrypt(cp, pwd->pw_passwd), pwd->pw_passwd) == 0) {
+		encrypted = pw_encrypt(cp, pwd->pw_passwd, 1);
+		r = strcmp(encrypted, pwd->pw_passwd);
+		free(encrypted);
+		if (r == 0) {
 			break;
 		}
 		bb_do_delay(FAIL_DELAY);
@@ -93,7 +99,7 @@ int sulogin_main(int argc, char **argv)
 
 	bb_info_msg("System Maintenance Mode");
 
-	USE_SELINUX(renew_current_security_context());
+	IF_SELINUX(renew_current_security_context());
 
 	shell = getenv("SUSHELL");
 	if (!shell)