2 files changed, 7 insertions, 5 deletions

diff --git a/libbb/correct_password.c b/libbb/correct_password.c
index a4ded8b5f..f0b9384ea 100644
--- a/libbb/correct_password.c
+++ b/libbb/correct_password.c
@@ -40,6 +40,7 @@ int correct_password(const struct passwd *pw)
 {
 	char *unencrypted, *encrypted;
 	const char *correct;
+	int r;
 #if ENABLE_FEATURE_SHADOWPASSWDS
 	/* Using _r function to avoid pulling in static buffers */
 	struct spwd spw;
@@ -72,6 +73,8 @@ int correct_password(const struct passwd *pw)
 		return 0;
 	}
 	encrypted = pw_encrypt(unencrypted, correct, 1);
+	r = (strcmp(encrypted, correct) == 0);
+	free(encrypted);
 	memset(unencrypted, 0, strlen(unencrypted));
-	return strcmp(encrypted, correct) == 0;
+	return r;
 }
diff --git a/libbb/pw_encrypt.c b/libbb/pw_encrypt.c
index d439fc3b4..762cbab27 100644
--- a/libbb/pw_encrypt.c
+++ b/libbb/pw_encrypt.c
@@ -54,7 +54,7 @@ static void my_crypt_cleanup(void)
 
 char *pw_encrypt(const char *clear, const char *salt, int cleanup)
 {
-	static char *cipher;
+	char *encrypted;
 
 #if 0 /* was CONFIG_FEATURE_SHA1_PASSWORDS, but there is no such thing??? */
 	if (strncmp(salt, "$2$", 3) == 0) {
@@ -62,11 +62,10 @@ char *pw_encrypt(const char *clear, const char *salt, int cleanup)
 	}
 #endif
 
-	free(cipher);
-	cipher = my_crypt(clear, salt);
+	encrypted = my_crypt(clear, salt);
 
 	if (cleanup)
 		my_crypt_cleanup();
 
-	return cipher;
+	return encrypted;
 }