passwd: prevent segfault when running as root - ubase - suckless linux base utils
(HTM) git clone git://git.suckless.org/ubase
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
(DIR) commit 4f1b54dd92aa858432f648fc886700f7b369ed84
(DIR) parent 7ffe3cfacce716b08139c8713f37fd38b4bce6f7
(HTM) Author: John Regan <john@jrjrtech.com>
Date: Sat, 29 Sep 2018 14:28:37 -0400
passwd: prevent segfault when running as root
When running as root, passwd attempts to compare the new password to
the old password, without having grabbed the old passwd.
This checks if the previous password hash was grabbed before comparing
it against the new password hash.
Diffstat:
M passwd.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
---
(DIR) diff --git a/passwd.c b/passwd.c
@@ -235,11 +235,14 @@ newpass:
eprintf("getpass:");
if (inpass[0] == '\0')
eprintf("no password supplied\n");
- p = crypt(inpass, prevhash);
- if (!p)
- eprintf("crypt:");
- if (cryptpass1 && strcmp(cryptpass1, p) == 0)
- eprintf("password left unchanged\n");
+
+ if(prevhash) {
+ p = crypt(inpass, prevhash);
+ if (!p)
+ eprintf("crypt:");
+ if (cryptpass1 && strcmp(cryptpass1, p) == 0)
+ eprintf("password left unchanged\n");
+ }
gensalt(salt + strlen(salt));
p = crypt(inpass, salt);
if (!p)