mirror of
git://git.suckless.org/ubase
synced 2024-12-11 17:29:24 +00:00
passwd: prevent segfault when running as root
When running as root, passwd attempts to compare the new password to the old password, without having grabbed the old passwd. This checks if the previous password hash was grabbed before comparing it against the new password hash.
This commit is contained in:
parent
7ffe3cfacc
commit
4f1b54dd92
13
passwd.c
13
passwd.c
@ -235,11 +235,14 @@ newpass:
|
||||
eprintf("getpass:");
|
||||
if (inpass[0] == '\0')
|
||||
eprintf("no password supplied\n");
|
||||
p = crypt(inpass, prevhash);
|
||||
if (!p)
|
||||
eprintf("crypt:");
|
||||
if (cryptpass1 && strcmp(cryptpass1, p) == 0)
|
||||
eprintf("password left unchanged\n");
|
||||
|
||||
if(prevhash) {
|
||||
p = crypt(inpass, prevhash);
|
||||
if (!p)
|
||||
eprintf("crypt:");
|
||||
if (cryptpass1 && strcmp(cryptpass1, p) == 0)
|
||||
eprintf("password left unchanged\n");
|
||||
}
|
||||
gensalt(salt + strlen(salt));
|
||||
p = crypt(inpass, salt);
|
||||
if (!p)
|
||||
|
Loading…
Reference in New Issue
Block a user