From 140efda3a263b9e6d922633c418fa9846d35731d Mon Sep 17 00:00:00 2001 From: Mario Rugiero Date: Tue, 25 Sep 2018 15:54:25 -0300 Subject: [PATCH] passwd: fix crashes for unencrypted passwords starting with 'x'. When deciding where the previous hash should come from, is is assumed that 'x' started strings all mean to look in shadow. This is probably harmless in practice, since modern Linux still use only hashes instead of raw passwords. However, this is more robust, and more importantly, it is more consistent with the previous check, which explicitly tests for the string to be "x". --- passwd.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/passwd.c b/passwd.c index afbba9c..0031778 100644 --- a/passwd.c +++ b/passwd.c @@ -210,7 +210,8 @@ main(int argc, char *argv[]) if (pw->pw_passwd[0] == '\0') { goto newpass; } - if (pw->pw_passwd[0] == 'x') + if (pw->pw_passwd[0] == 'x' && + pw->pw_passwd[1] == '\0') prevhash = spw->sp_pwdp; else prevhash = pw->pw_passwd;