 |
passwd: fix crashes for unencrypted passwords starting with 'x'. - ubase - suck… |
 |
git clone git://git.suckless.org/ubase |
 |
Log |
|
Files |
|
Refs |
|
README |
|
LICENSE |
|
--- |
|
commit 140efda3a263b9e6d922633c418fa9846d35731d |
|
parent 4f1b54dd92aa858432f648fc886700f7b369ed84 |
|
Author: Mario Rugiero <[email protected]> |
|
Date: Tue, 25 Sep 2018 15:54:25 -0300 |
|
|
|
passwd: fix crashes for unencrypted passwords starting with 'x'. |
|
|
|
When deciding where the previous hash should come from, is is |
|
assumed that 'x' started strings all mean to look in shadow. |
|
This is probably harmless in practice, since modern Linux still |
|
use only hashes instead of raw passwords. |
|
However, this is more robust, and more importantly, it is more |
|
consistent with the previous check, which explicitly tests for |
|
the string to be "x". |
|
|
|
Diffstat: |
|
M passwd.c | 3 ++- |
|
|
|
1 file changed, 2 insertions(+), 1 deletion(-) |
|
--- |
|
diff --git a/passwd.c b/passwd.c |
|
@@ -210,7 +210,8 @@ main(int argc, char *argv[]) |
|
if (pw->pw_passwd[0] == '\0') { |
|
goto newpass; |
|
} |
|
- if (pw->pw_passwd[0] == 'x') |
|
+ if (pw->pw_passwd[0] == 'x' && |
|
+ pw->pw_passwd[1] == '\0') |
|
prevhash = spw->sp_pwdp; |
|
else |
|
prevhash = pw->pw_passwd; |
