newgrp: more robust crypt() usage

Signed-off-by: Karel Zak <kzak@redhat.com>
author: Karel Zak 2013-02-01 18:00:52 +0100
committer: Karel Zak 2013-02-01 18:00:52 +0100
commit: 19a1ca6c0dcf64aa01e24c6b235c81413580804d (patch)
tree: 79dd76c54e87ab9dfbcbc2ba8b8b4798ab365ee0 /login-utils/newgrp.c
parent: libblkid: remove optimization from verify( funrtion (diff)
download: kernel-qcow2-util-linux-19a1ca6c0dcf64aa01e24c6b235c81413580804d.tar.gz
kernel-qcow2-util-linux-19a1ca6c0dcf64aa01e24c6b235c81413580804d.tar.xz
kernel-qcow2-util-linux-19a1ca6c0dcf64aa01e24c6b235c81413580804d.zip
1 files changed, 7 insertions, 3 deletions
diff --git a/login-utils/newgrp.c b/login-utils/newgrp.c
index 4f6de12a1..cca7b3244 100644
--- a/login-utils/newgrp.c
+++ b/login-utils/newgrp.c
@@ -98,10 +98,14 @@ static int allow_setgid(struct passwd *pe, struct group *ge)
 	if (!(pwd = get_gshadow_pwd(ge->gr_name)))
 		pwd = ge->gr_passwd;
 
-	if (pwd && *pwd && (xpwd = getpass(_("Password: "))))
-		if (strcmp(pwd, crypt(xpwd, pwd)) == 0)
-			/* password accepted */
+	if (pwd && *pwd && (xpwd = getpass(_("Password: ")))) {
+		char *cbuf = crypt(xpwd, pwd);
+
+		if (!cbuf)
+			warn(_("crypt() failed"));
+		else if (strcmp(pwd, cbuf) == 0)
 			return TRUE;
+	}
 
 	/* default to denial */
 	return FALSE;
author	Karel Zak	2013-02-01 18:00:52 +0100
committer	Karel Zak	2013-02-01 18:00:52 +0100
commit	19a1ca6c0dcf64aa01e24c6b235c81413580804d (patch)
tree	79dd76c54e87ab9dfbcbc2ba8b8b4798ab365ee0 /login-utils/newgrp.c
parent	libblkid: remove optimization from verify( funrtion (diff)
download	kernel-qcow2-util-linux-19a1ca6c0dcf64aa01e24c6b235c81413580804d.tar.gz kernel-qcow2-util-linux-19a1ca6c0dcf64aa01e24c6b235c81413580804d.tar.xz kernel-qcow2-util-linux-19a1ca6c0dcf64aa01e24c6b235c81413580804d.zip