aboutsummaryrefslogtreecommitdiffstats
path: root/package/utils
diff options
context:
space:
mode:
Diffstat (limited to 'package/utils')
-rw-r--r--package/utils/busybox/Makefile2
-rw-r--r--package/utils/busybox/patches/520-loginutils-handle-crypt-failures.patch53
2 files changed, 54 insertions, 1 deletions
diff --git a/package/utils/busybox/Makefile b/package/utils/busybox/Makefile
index 74dbf84d3b..3969bbeb18 100644
--- a/package/utils/busybox/Makefile
+++ b/package/utils/busybox/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=busybox
PKG_VERSION:=1.30.0
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_FLAGS:=essential
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
diff --git a/package/utils/busybox/patches/520-loginutils-handle-crypt-failures.patch b/package/utils/busybox/patches/520-loginutils-handle-crypt-failures.patch
new file mode 100644
index 0000000000..d44375426f
--- /dev/null
+++ b/package/utils/busybox/patches/520-loginutils-handle-crypt-failures.patch
@@ -0,0 +1,53 @@
+--- a/loginutils/chpasswd.c
++++ b/loginutils/chpasswd.c
+@@ -97,6 +97,11 @@ int chpasswd_main(int argc UNUSED_PARAM,
+
+ crypt_make_pw_salt(salt, algo);
+ free_me = pass = pw_encrypt(pass, salt, 0);
++
++ if (pass[0] == 0) {
++ free(free_me);
++ bb_perror_msg_and_die("password encryption failed");
++ }
+ }
+
+ /* This is rather complex: if user is not found in /etc/shadow,
+--- a/loginutils/cryptpw.c
++++ b/loginutils/cryptpw.c
+@@ -95,7 +95,7 @@ int cryptpw_main(int argc UNUSED_PARAM,
+ /* Supports: cryptpw -m sha256 PASS 'rounds=999999999$SALT' */
+ char salt[MAX_PW_SALT_LEN + sizeof("rounds=999999999$")];
+ char *salt_ptr;
+- char *password;
++ char *password, *hash;
+ const char *opt_m, *opt_S;
+ int fd;
+
+@@ -140,8 +140,12 @@ int cryptpw_main(int argc UNUSED_PARAM,
+ /* may still be NULL on EOF/error */
+ }
+
+- if (password)
+- puts(pw_encrypt(password, salt, 1));
++ if (password) {
++ hash = pw_encrypt(password, salt, 1);
++ if (hash[0] == 0)
++ bb_perror_msg_and_die("password encryption failed");
++ puts(hash);
++ }
+
+ return EXIT_SUCCESS;
+ }
+--- a/loginutils/passwd.c
++++ b/loginutils/passwd.c
+@@ -187,6 +187,10 @@ int passwd_main(int argc UNUSED_PARAM, c
+ if (!newp) {
+ logmode = LOGMODE_STDIO;
+ bb_error_msg_and_die("password for %s is unchanged", name);
++ } else if (newp[0] == 0) {
++ logmode = LOGMODE_STDIO;
++ free(newp);
++ bb_perror_msg_and_die("password encryption failed");
+ }
+ } else if (opt & OPT_lock) {
+ if (!c)