aboutsummaryrefslogtreecommitdiff
path: root/libbb/correct_password.c
diff options
context:
space:
mode:
Diffstat (limited to 'libbb/correct_password.c')
-rw-r--r--libbb/correct_password.c27
1 files changed, 16 insertions, 11 deletions
diff --git a/libbb/correct_password.c b/libbb/correct_password.c
index d031b2109..c515b26af 100644
--- a/libbb/correct_password.c
+++ b/libbb/correct_password.c
@@ -37,19 +37,24 @@
int correct_password(const struct passwd *pw)
{
- char *unencrypted, *encrypted, *correct;
+ char *unencrypted, *encrypted;
+ const char *correct;
+#if ENABLE_FEATURE_SHADOWPASSWDS
+ /* Using _r function to avoid pulling in static buffers */
+ struct spwd spw;
+ struct spwd *result;
+ char buffer[256];
+#endif
-#ifdef CONFIG_FEATURE_SHADOWPASSWDS
+ correct = pw->pw_passwd;
+#if ENABLE_FEATURE_SHADOWPASSWDS
if (LONE_CHAR(pw->pw_passwd, 'x') || LONE_CHAR(pw->pw_passwd, '*')) {
- struct spwd *sp = getspnam(pw->pw_name);
-
- if (!sp)
- bb_error_msg_and_die("no valid shadow password");
-
- correct = sp->sp_pwdp;
- } else
+ if (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result))
+ bb_error_msg("no valid shadow password, checking ordinary one");
+ else
+ correct = spw.sp_pwdp;
+ }
#endif
- correct = pw->pw_passwd;
if (!correct || correct[0] == '\0')
return 1;
@@ -60,5 +65,5 @@ int correct_password(const struct passwd *pw)
}
encrypted = crypt(unencrypted, correct);
memset(unencrypted, 0, strlen(unencrypted));
- return (!strcmp(encrypted, correct)) ? 1 : 0;
+ return strcmp(encrypted, correct) == 0;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-01 09:19:12 +0000