make pw_encrypt() return malloc'ed string.

   text    data     bss     dec     hex filename
 759802     604    6684  767090   bb472 busybox_old
 759804     604    6676  767084   bb46c busybox_unstripped

3 files changed, 15 insertions, 7 deletions

diff --git a/loginutils/chpasswd.c b/loginutils/chpasswd.c
index 230ab0fc9..7308596ad 100644
--- a/loginutils/chpasswd.c
+++ b/loginutils/chpasswd.c
@@ -65,6 +65,7 @@ int chpasswd_main(int argc ATTRIBUTE_UNUSED, char **argv)
                         bb_info_msg("Password for '%s' changed", name);
                 logmode = LOGMODE_STDIO;
                 free(name);
+                free(pass);
         }
 
         return 0;
diff --git a/loginutils/passwd.c b/loginutils/passwd.c
index fad226c00..0a31137cf 100644
--- a/loginutils/passwd.c
+++ b/loginutils/passwd.c
@@ -16,22 +16,24 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
         char salt[sizeof("$N$XXXXXXXX")]; /* "$N$XXXXXXXX" or "XX" */
         char *orig = (char*)"";
         char *newp = NULL;
-        char *cipher = NULL;
         char *cp = NULL;
         char *ret = NULL; /* failure so far */
 
         if (myuid && pw->pw_passwd[0]) {
+                char *encrypted;
+
                 orig = bb_askpass(0, "Old password:"); /* returns ptr to static */
                 if (!orig)
                         goto err_ret;
-                cipher = pw_encrypt(orig, pw->pw_passwd, 1); /* returns ptr to static */
-                if (strcmp(cipher, pw->pw_passwd) != 0) {
+                encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */
+                if (strcmp(encrypted, pw->pw_passwd) != 0) {
                         syslog(LOG_WARNING, "incorrect password for '%s'",
                                 pw->pw_name);
                         bb_do_delay(FAIL_DELAY);
                         puts("Incorrect password");
                         goto err_ret;
                 }
+                if (ENABLE_FEATURE_CLEAN_UP) free(encrypted);
         }
         orig = xstrdup(orig); /* or else bb_askpass() will destroy it */
         newp = bb_askpass(0, "New password:"); /* returns ptr to static */
@@ -55,8 +57,8 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
                 strcpy(salt, "$1$");
                 crypt_make_salt(salt + 3, 4, 0);
         }
-        /* pw_encrypt returns ptr to static */
-        ret = xstrdup(pw_encrypt(newp, salt, 1));
+        /* pw_encrypt returns malloced str */
+        ret = pw_encrypt(newp, salt, 1);
         /* whee, success! */
 
  err_ret:
@@ -64,7 +66,6 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
         if (ENABLE_FEATURE_CLEAN_UP) free(orig);
         nuke_str(newp);
         if (ENABLE_FEATURE_CLEAN_UP) free(newp);
-        nuke_str(cipher);
         nuke_str(cp);
         return ret;
 }
diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c
index f52ce8a95..38812a6cc 100644
--- a/loginutils/sulogin.c
+++ b/loginutils/sulogin.c
@@ -72,6 +72,9 @@ int sulogin_main(int argc ATTRIBUTE_UNUSED, char **argv)
 #endif
 
         while (1) {
+                char *encrypted;
+                int r;
+
                 /* cp points to a static buffer that is zeroed every time */
                 cp = bb_askpass(timeout,
                                 "Give root password for system maintenance\n"
@@ -81,7 +84,10 @@ int sulogin_main(int argc ATTRIBUTE_UNUSED, char **argv)
                         bb_info_msg("Normal startup");
                         return 0;
                 }
-                if (strcmp(pw_encrypt(cp, pwd->pw_passwd, 1), pwd->pw_passwd) == 0) {
+                encrypted = pw_encrypt(cp, pwd->pw_passwd, 1);
+                r = strcmp(encrypted, pwd->pw_passwd);
+                free(encrypted);
+                if (r == 0) {
                         break;
                 }
                 bb_do_delay(FAIL_DELAY);