diff options
| -rw-r--r-- | package/utils/busybox/Makefile | 2 | ||||
| -rw-r--r-- | package/utils/busybox/patches/520-loginutils-handle-crypt-failures.patch | 53 |
2 files changed, 54 insertions, 1 deletions
diff --git a/package/utils/busybox/Makefile b/package/utils/busybox/Makefile index 74dbf84d3b..3969bbeb18 100644 --- a/package/utils/busybox/Makefile +++ b/package/utils/busybox/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=busybox PKG_VERSION:=1.30.0 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_FLAGS:=essential PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 diff --git a/package/utils/busybox/patches/520-loginutils-handle-crypt-failures.patch b/package/utils/busybox/patches/520-loginutils-handle-crypt-failures.patch new file mode 100644 index 0000000000..d44375426f --- /dev/null +++ b/package/utils/busybox/patches/520-loginutils-handle-crypt-failures.patch @@ -0,0 +1,53 @@ +--- a/loginutils/chpasswd.c ++++ b/loginutils/chpasswd.c +@@ -97,6 +97,11 @@ int chpasswd_main(int argc UNUSED_PARAM, + + crypt_make_pw_salt(salt, algo); + free_me = pass = pw_encrypt(pass, salt, 0); ++ ++ if (pass[0] == 0) { ++ free(free_me); ++ bb_perror_msg_and_die("password encryption failed"); ++ } + } + + /* This is rather complex: if user is not found in /etc/shadow, +--- a/loginutils/cryptpw.c ++++ b/loginutils/cryptpw.c +@@ -95,7 +95,7 @@ int cryptpw_main(int argc UNUSED_PARAM, + /* Supports: cryptpw -m sha256 PASS 'rounds=999999999$SALT' */ + char salt[MAX_PW_SALT_LEN + sizeof("rounds=999999999$")]; + char *salt_ptr; +- char *password; ++ char *password, *hash; + const char *opt_m, *opt_S; + int fd; + +@@ -140,8 +140,12 @@ int cryptpw_main(int argc UNUSED_PARAM, + /* may still be NULL on EOF/error */ + } + +- if (password) +- puts(pw_encrypt(password, salt, 1)); ++ if (password) { ++ hash = pw_encrypt(password, salt, 1); ++ if (hash[0] == 0) ++ bb_perror_msg_and_die("password encryption failed"); ++ puts(hash); ++ } + + return EXIT_SUCCESS; + } +--- a/loginutils/passwd.c ++++ b/loginutils/passwd.c +@@ -187,6 +187,10 @@ int passwd_main(int argc UNUSED_PARAM, c + if (!newp) { + logmode = LOGMODE_STDIO; + bb_error_msg_and_die("password for %s is unchanged", name); ++ } else if (newp[0] == 0) { ++ logmode = LOGMODE_STDIO; ++ free(newp); ++ bb_perror_msg_and_die("password encryption failed"); + } + } else if (opt & OPT_lock) { + if (!c) |