The current password checking is unable to distinguish between the user entering an empty password or pressing Control-D. As a result, an empty password always results in normal startup.
We modify bb_ask to return NULL if Control-D is pressed without entering a password. The sulogin applet is then modified to only proceed to normal startup if bb_ask returns NULL. This covers EOF with no password, interrupt by timeout and ^C. Signed-off-by: Jonathan Liu <[email protected]> --- libbb/bb_askpass.c | 4 ++-- loginutils/sulogin.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/libbb/bb_askpass.c b/libbb/bb_askpass.c index fe2b506..e875bdd 100644 --- a/libbb/bb_askpass.c +++ b/libbb/bb_askpass.c @@ -65,8 +65,8 @@ char* FAST_FUNC bb_ask(const int fd, int timeout, const char *prompt) i = 0; while (1) { int r = read(fd, &ret[i], 1); - if (r < 0) { - /* read is interrupted by timeout or ^C */ + if ((i == 0 && r == 0) || r < 0) { + /* EOF with no password, read is interrupted by timeout or ^C */ ret = NULL; break; } diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c index bd2b09e..6df0437 100644 --- a/loginutils/sulogin.c +++ b/loginutils/sulogin.c @@ -84,7 +84,7 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv) "Give root password for system maintenance\n" "(or type Control-D for normal startup):"); - if (!cp || !*cp) { + if (!cp) { bb_info_msg("Normal startup"); return 0; } -- 1.8.2.3 _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
