On Tue, Feb 4, 2014, at 10:43, Ralf Friedl wrote:
> > As with many other software, busybox was also broken by the glibc >=
> > 2.17 behavior change. Now crypt() returns NULL if either salt or
> > password is invalid.
> >
> > This causes busybox 1.21, 1.22, and git su to segfault, when you just
> > press enter at the password prompt (configured to use system crypt() of
> > course).
> >
> > The attached patch fixes su. You may want to check every other call to
> > crypt() in busybox.
>
> A simple way to fix this for all users of pw_encrypt is to change
> pw_encrypt:
> char* FAST_FUNC pw_encrypt(const char *clear, const char *salt, int
> cleanup)
> {
> char *res = crypt(clear, salt);
> if (!res)
> res = ""; // Or whatever value crypt previously returned
> return xstrdup(res);
> }
Yes, previously crypt returned an empty string like that. Though that
will throw a warning about assigning a const char to char, something
similar would work.
- Lauri
--
http://www.fastmail.fm - Faster than the air-speed velocity of an
unladen european swallow
_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox
