[PATCH] correct_password: Handle NULL from crypt
Denys Vlasenko
vda.linux at googlemail.com
Sun Feb 9 11:52:50 UTC 2014
On Mon, Feb 3, 2014 at 5:50 PM, Lauri Kasanen <curaga at operamail.com> wrote:
> As with many other software, busybox was also broken by the glibc >=
> 2.17 behavior change. Now crypt() returns NULL if either salt or
> password is invalid.
What is "invalid password"?
I just tested and crypt() returns NULL if *salt* is invalid (say, "").
It's on glibc 2.17.
The old behavior was to return ""?
(I have no old glibc at hand to check it quickly).
Since we have exactly one crypt() call in the entire busybox,
the easiest fix would be to just add
if (NULL) return "";
there. Are there downsides to that?
More information about the busybox
mailing list