commit 4f1b54dd92aa858432f648fc886700f7b369ed84
Author: John Regan <[email protected]>
AuthorDate: Sat Sep 29 14:28:37 2018 -0400
Commit: sin <[email protected]>
CommitDate: Wed Jan 30 11:57:49 2019 +0000
passwd: prevent segfault when running as root
When running as root, passwd attempts to compare the new password to
the old password, without having grabbed the old passwd.
This checks if the previous password hash was grabbed before comparing
it against the new password hash.
diff --git a/passwd.c b/passwd.c
index 52b70a8..afbba9c 100644
--- a/passwd.c
+++ b/passwd.c
@@ -235,11 +235,14 @@ newpass:
eprintf("getpass:");
if (inpass[0] == '\0')
eprintf("no password supplied\n");
- p = crypt(inpass, prevhash);
- if (!p)
- eprintf("crypt:");
- if (cryptpass1 && strcmp(cryptpass1, p) == 0)
- eprintf("password left unchanged\n");
+
+ if(prevhash) {
+ p = crypt(inpass, prevhash);
+ if (!p)
+ eprintf("crypt:");
+ if (cryptpass1 && strcmp(cryptpass1, p) == 0)
+ eprintf("password left unchanged\n");
+ }
gensalt(salt + strlen(salt));
p = crypt(inpass, salt);
if (!p)
