diff options
author | Karel Zak | 2013-02-01 18:00:52 +0100 |
---|---|---|
committer | Karel Zak | 2013-02-01 18:00:52 +0100 |
commit | 19a1ca6c0dcf64aa01e24c6b235c81413580804d (patch) | |
tree | 79dd76c54e87ab9dfbcbc2ba8b8b4798ab365ee0 /login-utils | |
parent | libblkid: remove optimization from verify( funrtion (diff) | |
download | kernel-qcow2-util-linux-19a1ca6c0dcf64aa01e24c6b235c81413580804d.tar.gz kernel-qcow2-util-linux-19a1ca6c0dcf64aa01e24c6b235c81413580804d.tar.xz kernel-qcow2-util-linux-19a1ca6c0dcf64aa01e24c6b235c81413580804d.zip |
newgrp: more robust crypt() usage
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'login-utils')
-rw-r--r-- | login-utils/newgrp.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/login-utils/newgrp.c b/login-utils/newgrp.c index 4f6de12a1..cca7b3244 100644 --- a/login-utils/newgrp.c +++ b/login-utils/newgrp.c @@ -98,10 +98,14 @@ static int allow_setgid(struct passwd *pe, struct group *ge) if (!(pwd = get_gshadow_pwd(ge->gr_name))) pwd = ge->gr_passwd; - if (pwd && *pwd && (xpwd = getpass(_("Password: ")))) - if (strcmp(pwd, crypt(xpwd, pwd)) == 0) - /* password accepted */ + if (pwd && *pwd && (xpwd = getpass(_("Password: ")))) { + char *cbuf = crypt(xpwd, pwd); + + if (!cbuf) + warn(_("crypt() failed")); + else if (strcmp(pwd, cbuf) == 0) return TRUE; + } /* default to denial */ return FALSE; |