summaryrefslogtreecommitdiff
path: root/loginutils
diff options
context:
space:
mode:
Diffstat (limited to 'loginutils')
-rw-r--r--loginutils/chpasswd.c1
-rw-r--r--loginutils/passwd.c13
-rw-r--r--loginutils/sulogin.c8
3 files changed, 15 insertions, 7 deletions
diff --git a/loginutils/chpasswd.c b/loginutils/chpasswd.c
index 230ab0f..7308596 100644
--- a/loginutils/chpasswd.c
+++ b/loginutils/chpasswd.c
@@ -65,6 +65,7 @@ int chpasswd_main(int argc ATTRIBUTE_UNUSED, char **argv)
bb_info_msg("Password for '%s' changed", name);
logmode = LOGMODE_STDIO;
free(name);
+ free(pass);
}
return 0;
diff --git a/loginutils/passwd.c b/loginutils/passwd.c
index fad226c..0a31137 100644
--- a/loginutils/passwd.c
+++ b/loginutils/passwd.c
@@ -16,22 +16,24 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
char salt[sizeof("$N$XXXXXXXX")]; /* "$N$XXXXXXXX" or "XX" */
char *orig = (char*)"";
char *newp = NULL;
- char *cipher = NULL;
char *cp = NULL;
char *ret = NULL; /* failure so far */
if (myuid && pw->pw_passwd[0]) {
+ char *encrypted;
+
orig = bb_askpass(0, "Old password:"); /* returns ptr to static */
if (!orig)
goto err_ret;
- cipher = pw_encrypt(orig, pw->pw_passwd, 1); /* returns ptr to static */
- if (strcmp(cipher, pw->pw_passwd) != 0) {
+ encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */
+ if (strcmp(encrypted, pw->pw_passwd) != 0) {
syslog(LOG_WARNING, "incorrect password for '%s'",
pw->pw_name);
bb_do_delay(FAIL_DELAY);
puts("Incorrect password");
goto err_ret;
}
+ if (ENABLE_FEATURE_CLEAN_UP) free(encrypted);
}
orig = xstrdup(orig); /* or else bb_askpass() will destroy it */
newp = bb_askpass(0, "New password:"); /* returns ptr to static */
@@ -55,8 +57,8 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
strcpy(salt, "$1$");
crypt_make_salt(salt + 3, 4, 0);
}
- /* pw_encrypt returns ptr to static */
- ret = xstrdup(pw_encrypt(newp, salt, 1));
+ /* pw_encrypt returns malloced str */
+ ret = pw_encrypt(newp, salt, 1);
/* whee, success! */
err_ret:
@@ -64,7 +66,6 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
if (ENABLE_FEATURE_CLEAN_UP) free(orig);
nuke_str(newp);
if (ENABLE_FEATURE_CLEAN_UP) free(newp);
- nuke_str(cipher);
nuke_str(cp);
return ret;
}
diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c
index f52ce8a..38812a6 100644
--- a/loginutils/sulogin.c
+++ b/loginutils/sulogin.c
@@ -72,6 +72,9 @@ int sulogin_main(int argc ATTRIBUTE_UNUSED, char **argv)
#endif
while (1) {
+ char *encrypted;
+ int r;
+
/* cp points to a static buffer that is zeroed every time */
cp = bb_askpass(timeout,
"Give root password for system maintenance\n"
@@ -81,7 +84,10 @@ int sulogin_main(int argc ATTRIBUTE_UNUSED, char **argv)
bb_info_msg("Normal startup");
return 0;
}
- if (strcmp(pw_encrypt(cp, pwd->pw_passwd, 1), pwd->pw_passwd) == 0) {
+ encrypted = pw_encrypt(cp, pwd->pw_passwd, 1);
+ r = strcmp(encrypted, pwd->pw_passwd);
+ free(encrypted);
+ if (r == 0) {
break;
}
bb_do_delay(FAIL_DELAY);