Lauri Kasanen wrote:
As with many other software, busybox was also broken by the glibc >=
2.17 behavior change. Now crypt() returns NULL if either salt or
password is invalid.
This causes busybox 1.21, 1.22, and git su to segfault, when you just
press enter at the password prompt (configured to use system crypt() of
course).
The attached patch fixes su. You may want to check every other call to
crypt() in busybox.
- Lauri
A simple way to fix this for all users of pw_encrypt is to change
pw_encrypt:
char* FAST_FUNC pw_encrypt(const char *clear, const char *salt, int cleanup)
{
char *res = crypt(clear, salt);
if (!res)
res = ""; // Or whatever value crypt previously returned
return xstrdup(res);
}
_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox
