ubase

suckless linux base utils
git clone git://git.2f30.org/ubase.git
Log | Files | Refs | README | LICENSE

commit 997f575e72e0965601595ea9747fc4ebbad9fe3d
parent 7ffe3cfacce716b08139c8713f37fd38b4bce6f7
Author: John Regan <john@jrjrtech.com>
Date:   Sat, 29 Sep 2018 14:28:37 -0400

passwd: prevent segfault when running as root

When running as root, passwd attempts to compare the new password to
the old password, without having grabbed the old passwd.

This checks if the previous password hash was grabbed before comparing
it against the new password hash.

Diffstat:
passwd.c | 13++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/passwd.c b/passwd.c @@ -235,11 +235,14 @@ newpass: eprintf("getpass:"); if (inpass[0] == '\0') eprintf("no password supplied\n"); - p = crypt(inpass, prevhash); - if (!p) - eprintf("crypt:"); - if (cryptpass1 && strcmp(cryptpass1, p) == 0) - eprintf("password left unchanged\n"); + + if(prevhash) { + p = crypt(inpass, prevhash); + if (!p) + eprintf("crypt:"); + if (cryptpass1 && strcmp(cryptpass1, p) == 0) + eprintf("password left unchanged\n"); + } gensalt(salt + strlen(salt)); p = crypt(inpass, salt); if (!p)