diff options
Diffstat (limited to 'libbb/pw_encrypt.c')
-rw-r--r-- | libbb/pw_encrypt.c | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/libbb/pw_encrypt.c b/libbb/pw_encrypt.c index d546bc883..e9cf4e3b8 100644 --- a/libbb/pw_encrypt.c +++ b/libbb/pw_encrypt.c | |||
@@ -12,18 +12,16 @@ | |||
12 | 12 | ||
13 | char *pw_encrypt(const char *clear, const char *salt) | 13 | char *pw_encrypt(const char *clear, const char *salt) |
14 | { | 14 | { |
15 | static char cipher[128]; | 15 | /* Was static char[BIGNUM]. Malloced thing works as well */ |
16 | char *cp; | 16 | static char *cipher; |
17 | 17 | ||
18 | #if 0 /* was CONFIG_FEATURE_SHA1_PASSWORDS, but there is no such thing??? */ | 18 | #if 0 /* was CONFIG_FEATURE_SHA1_PASSWORDS, but there is no such thing??? */ |
19 | if (strncmp(salt, "$2$", 3) == 0) { | 19 | if (strncmp(salt, "$2$", 3) == 0) { |
20 | return sha1_crypt(clear); | 20 | return sha1_crypt(clear); |
21 | } | 21 | } |
22 | #endif | 22 | #endif |
23 | cp = (char *) crypt(clear, salt); | 23 | |
24 | /* if crypt (a nonstandard crypt) returns a string too large, | 24 | free(cipher); |
25 | truncate it so we don't overrun buffers and hope there is | 25 | cipher = xstrdup(crypt(clear, salt)); |
26 | enough security in what's left */ | ||
27 | safe_strncpy(cipher, cp, sizeof(cipher)); | ||
28 | return cipher; | 26 | return cipher; |
29 | } | 27 | } |