diff options
| author | Einar Jón <tolvupostur@gmail.com> | 2019-01-08 16:31:37 +0100 |
|---|---|---|
| committer | Denys Vlasenko <vda.linux@googlemail.com> | 2019-01-08 16:32:25 +0100 |
| commit | ce51140664d82300d25b096b4a41f01fdfd766b3 (patch) | |
| tree | 95b02b340288d67e5fa10f4608066e9eed2354de /loginutils | |
| parent | 959b04bc0e9d23daa51f75130c7d3eeacd91e52c (diff) | |
| download | busybox-w32-ce51140664d82300d25b096b4a41f01fdfd766b3.tar.gz busybox-w32-ce51140664d82300d25b096b4a41f01fdfd766b3.tar.bz2 busybox-w32-ce51140664d82300d25b096b4a41f01fdfd766b3.zip | |
passwd: initialize pointers correctly
Fix for running passwd as root (or sudo passwd $USER).
Crashed on call to free(orig) during cleanup.
Fix regression from commit 17058a06c4333fc0c492c168c8a971ebd0fd5a5a
Root user never changes the orig pointer, so when cleaning up, passwd tried to
free orig=(char*)""
Example: sudo passwd $USER
Changing password for xxx
New password:
Bad password: too short
Retype password:
Passwords don't match
free(): invalid pointer
Aborted
function old new delta
passwd_main 958 961 +3
Signed-off-by: Einar Jón <tolvupostur@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'loginutils')
| -rw-r--r-- | loginutils/passwd.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/loginutils/passwd.c b/loginutils/passwd.c index 59f47fc7b..30e096460 100644 --- a/loginutils/passwd.c +++ b/loginutils/passwd.c | |||
| @@ -43,7 +43,7 @@ | |||
| 43 | static char* new_password(const struct passwd *pw, uid_t myuid, const char *algo) | 43 | static char* new_password(const struct passwd *pw, uid_t myuid, const char *algo) |
| 44 | { | 44 | { |
| 45 | char salt[MAX_PW_SALT_LEN]; | 45 | char salt[MAX_PW_SALT_LEN]; |
| 46 | char *orig = (char*)""; | 46 | char *orig = NULL; |
| 47 | char *newp = NULL; | 47 | char *newp = NULL; |
| 48 | char *cp = NULL; | 48 | char *cp = NULL; |
| 49 | char *ret = NULL; /* failure so far */ | 49 | char *ret = NULL; /* failure so far */ |
| @@ -51,7 +51,7 @@ static char* new_password(const struct passwd *pw, uid_t myuid, const char *algo | |||
| 51 | if (myuid != 0 && pw->pw_passwd[0]) { | 51 | if (myuid != 0 && pw->pw_passwd[0]) { |
| 52 | char *encrypted; | 52 | char *encrypted; |
| 53 | 53 | ||
| 54 | orig = bb_ask_noecho_stdin("Old password: "); /* returns ptr to static */ | 54 | orig = bb_ask_noecho_stdin("Old password: "); /* returns malloced str */ |
| 55 | if (!orig) | 55 | if (!orig) |
| 56 | goto err_ret; | 56 | goto err_ret; |
| 57 | encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */ | 57 | encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */ |
| @@ -64,11 +64,11 @@ static char* new_password(const struct passwd *pw, uid_t myuid, const char *algo | |||
| 64 | if (ENABLE_FEATURE_CLEAN_UP) | 64 | if (ENABLE_FEATURE_CLEAN_UP) |
| 65 | free(encrypted); | 65 | free(encrypted); |
| 66 | } | 66 | } |
| 67 | newp = bb_ask_noecho_stdin("New password: "); /* returns ptr to static */ | 67 | newp = bb_ask_noecho_stdin("New password: "); /* returns malloced str */ |
| 68 | if (!newp) | 68 | if (!newp) |
| 69 | goto err_ret; | 69 | goto err_ret; |
| 70 | if (ENABLE_FEATURE_PASSWD_WEAK_CHECK | 70 | if (ENABLE_FEATURE_PASSWD_WEAK_CHECK |
| 71 | && obscure(orig, newp, pw) | 71 | && obscure(orig, newp, pw) /* NB: passing NULL orig is ok */ |
| 72 | && myuid != 0 | 72 | && myuid != 0 |
| 73 | ) { | 73 | ) { |
| 74 | goto err_ret; /* non-root is not allowed to have weak passwd */ | 74 | goto err_ret; /* non-root is not allowed to have weak passwd */ |