aboutsummaryrefslogtreecommitdiff
path: root/libbb/pw_encrypt.c
diff options
context:
space:
mode:
Diffstat (limited to 'libbb/pw_encrypt.c')
-rw-r--r--libbb/pw_encrypt.c12
1 files changed, 5 insertions, 7 deletions
diff --git a/libbb/pw_encrypt.c b/libbb/pw_encrypt.c
index d546bc883..e9cf4e3b8 100644
--- a/libbb/pw_encrypt.c
+++ b/libbb/pw_encrypt.c
@@ -12,18 +12,16 @@
12 12
13char *pw_encrypt(const char *clear, const char *salt) 13char *pw_encrypt(const char *clear, const char *salt)
14{ 14{
15 static char cipher[128]; 15 /* Was static char[BIGNUM]. Malloced thing works as well */
16 char *cp; 16 static char *cipher;
17 17
18#if 0 /* was CONFIG_FEATURE_SHA1_PASSWORDS, but there is no such thing??? */ 18#if 0 /* was CONFIG_FEATURE_SHA1_PASSWORDS, but there is no such thing??? */
19 if (strncmp(salt, "$2$", 3) == 0) { 19 if (strncmp(salt, "$2$", 3) == 0) {
20 return sha1_crypt(clear); 20 return sha1_crypt(clear);
21 } 21 }
22#endif 22#endif
23 cp = (char *) crypt(clear, salt); 23
24 /* if crypt (a nonstandard crypt) returns a string too large, 24 free(cipher);
25 truncate it so we don't overrun buffers and hope there is 25 cipher = xstrdup(crypt(clear, salt));
26 enough security in what's left */
27 safe_strncpy(cipher, cp, sizeof(cipher));
28 return cipher; 26 return cipher;
29} 27}