Do not fail password check if shadow password does not exist -

fall back to ordinary one Reduced usage of functions returning datain static buffers. (mostly passwd/group/shadow related): function old new delta correct_password 143 193 +50 sulogin_main 490 533 +43 adduser_main 732 774 +42 passwd_main 1875 1915 +40 addgroup_main 330 365 +35 bb_internal_getspnam 38 - -38 bb_internal_fgetpwent 38 - -38 bb_internal_fgetgrent 38 - -38 static.resultbuf 168 88 -80 static.buffer 1872 1104 -768 ------------------------------------------------------------------------------ (add/remove: 0/3 grow/shrink: 5/2 up/down: 210/-962) Total: -752 bytes
2007-03-13 13:01:14 +00:00
parent c9c893d4f5
commit 5df955fce2
8 changed files with 122 additions and 80 deletions
--- a/libbb/correct_password.c
+++ b/libbb/correct_password.c
@@ -37,19 +37,24 @@

 int correct_password(const struct passwd *pw)
 {
-	char *unencrypted, *encrypted, *correct;
-
-#ifdef CONFIG_FEATURE_SHADOWPASSWDS
-	if (LONE_CHAR(pw->pw_passwd, 'x') || LONE_CHAR(pw->pw_passwd, '*')) {
-		struct spwd *sp = getspnam(pw->pw_name);
-
-		if (!sp)
-			bb_error_msg_and_die("no valid shadow password");
-
-		correct = sp->sp_pwdp;
-	} else
+	char *unencrypted, *encrypted;
+	const char *correct;
+#if ENABLE_FEATURE_SHADOWPASSWDS
+	/* Using _r function to avoid pulling in static buffers */
+	struct spwd spw;
+	struct spwd *result;
+	char buffer[256];
+#endif
+
+	correct = pw->pw_passwd;
+#if ENABLE_FEATURE_SHADOWPASSWDS
+	if (LONE_CHAR(pw->pw_passwd, 'x') || LONE_CHAR(pw->pw_passwd, '*')) {
+		if (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result))
+			bb_error_msg("no valid shadow password, checking ordinary one");
+		else
+			correct = spw.sp_pwdp;
+	}
 #endif
-		correct = pw->pw_passwd;

 	if (!correct || correct[0] == '\0')
 		return 1;
@@ -60,5 +65,5 @@ int correct_password(const struct passwd *pw)
 	}
 	encrypted = crypt(unencrypted, correct);
 	memset(unencrypted, 0, strlen(unencrypted));
-	return (!strcmp(encrypted, correct)) ? 1 : 0;
+	return strcmp(encrypted, correct) == 0;
 }
--- a/libbb/lineedit.c
+++ b/libbb/lineedit.c
@@ -342,15 +342,18 @@ static void username_tab_completion(char *ud, char *with_shash_flg)
 		}
 	} else {
 		/* "~[^/]*" */
-		setpwent();
+		/* Using _r function to avoid pulling in static buffers */
+		char line_buff[PWD_BUFFER_SIZE];
+		struct passwd pwd;
+		struct passwd *result;

-		while ((entry = getpwent()) != NULL) {
+		setpwent();
+		while (!getpwent_r(&pwd, line_buff, sizeof(line_buff), &result)) {
 			/* Null usernames should result in all users as possible completions. */
-			if ( /*!userlen || */ !strncmp(ud, entry->pw_name, userlen)) {
-				add_match(xasprintf("~%s/", entry->pw_name));
+			if (/*!userlen || */ strncmp(ud, pwd.pw_name, userlen) == 0) {
+				add_match(xasprintf("~%s/", pwd.pw_name));
 			}
 		}
-
 		endpwent();
 	}
 }