Re: [PATCH] correct_password: Handle NULL from crypt

2014-02-10 Thread Rich Felker
On Sun, Feb 09, 2014 at 12:52:50PM +0100, Denys Vlasenko wrote: On Mon, Feb 3, 2014 at 5:50 PM, Lauri Kasanen cur...@operamail.com wrote: As with many other software, busybox was also broken by the glibc = 2.17 behavior change. Now crypt() returns NULL if either salt or password is invalid.

Re: [PATCH] correct_password: Handle NULL from crypt

2014-02-10 Thread Lauri Kasanen
On Mon, Feb 10, 2014, at 10:35, Rich Felker wrote: On Sun, Feb 09, 2014 at 12:52:50PM +0100, Denys Vlasenko wrote: The old behavior was to return ? (I have no old glibc at hand to check it quickly). Since we have exactly one crypt() call in the entire busybox, the easiest fix would

Re: [PATCH] correct_password: Handle NULL from crypt

2014-02-09 Thread Denys Vlasenko
On Mon, Feb 3, 2014 at 5:50 PM, Lauri Kasanen cur...@operamail.com wrote: As with many other software, busybox was also broken by the glibc = 2.17 behavior change. Now crypt() returns NULL if either salt or password is invalid. What is invalid password? I just tested and crypt() returns NULL

Re: [PATCH] correct_password: Handle NULL from crypt

2014-02-09 Thread Denys Vlasenko
On Tue, Feb 4, 2014 at 2:58 PM, Harald Becker ra...@gmx.de wrote: char *res = crypt(clear, salt); if (!res) res = ; return xstrdup(res); Yes, previously crypt returned an empty string like that. Though that will throw a warning about assigning a

Re: [PATCH] correct_password: Handle NULL from crypt

2014-02-04 Thread Ralf Friedl
Lauri Kasanen wrote: As with many other software, busybox was also broken by the glibc = 2.17 behavior change. Now crypt() returns NULL if either salt or password is invalid. This causes busybox 1.21, 1.22, and git su to segfault, when you just press enter at the password prompt (configured to

Re: [PATCH] correct_password: Handle NULL from crypt

2014-02-04 Thread Tito
On Tuesday 04 February 2014 14:44:43 Lauri Kasanen wrote: On Tue, Feb 4, 2014, at 10:43, Ralf Friedl wrote: As with many other software, busybox was also broken by the glibc = 2.17 behavior change. Now crypt() returns NULL if either salt or password is invalid. This causes busybox

Re: [PATCH] correct_password: Handle NULL from crypt

2014-02-04 Thread Harald Becker
Hi ! char *res = crypt(clear, salt); if (!res) res = ; return xstrdup(res); Yes, previously crypt returned an empty string like that. Though that will throw a warning about assigning a const char to char, something similar would work. Why not ... ?

[PATCH] correct_password: Handle NULL from crypt

2014-02-03 Thread Lauri Kasanen
:25 +0200 Subject: [PATCH] correct_password: Handle NULL from crypt glibc = 2.17 may return NULL from crypt if the password or salt is invalid. Signed-off-by: Lauri Kasanen cur...@operamail.com --- libbb/correct_password.c | 4 1 file changed, 4 insertions(+) diff --git a/libbb

Re: [PATCH] correct_password: Handle NULL from crypt

2014-02-03 Thread Tito
On Monday 03 February 2014 17:50:00 Lauri Kasanen wrote: Hi, As with many other software, busybox was also broken by the glibc = 2.17 behavior change. Now crypt() returns NULL if either salt or password is invalid. This causes busybox 1.21, 1.22, and git su to segfault, when you just