[prev in list] [next in list] [prev in thread] [next in thread]
List: busybox
Subject: des_crypt broken?
From: Marc Leeman <marc.leeman () gmail ! com>
Date: 2009-04-30 9:44:46
Message-ID: 20090430094446.GA10108 () crichton ! homelinux ! org
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
[Attachment #4 (multipart/mixed)]
When looking into a problem with su on 1.14.0; I noticed that a call to
des_crypt returns an extra '.' at the end of my password hash:
$ /tmp/busybox.1.14.0 su -
su: DES crypt.
su: Got encrypted password "AD/RWViaSZiqY.".
$ cat /etc/passwd
root:AD/RWViaSZiqY:0:0:root:/root:/bin/sh
Considering DES, the (13 chars); this '.' is probably wrong.
I "fixed" this by adding:
output[13] = NULL;
just before return output in des_crypt; there is probably a better
location to do this.
--
greetz, marc
What is wanted is not the will to believe, but the will to find out,
which is the exact opposite.
-- Bertrand Russell, "Skeptical Essays", 1928
crichton 2.6.26 #1 PREEMPT Tue Jul 29 21:17:59 CDT 2008 GNU/Linux
["crypt_des.diff" (text/x-diff)]
---
libbb/pw_encrypt_des.c | 2 ++
1 file changed, 2 insertions(+)
Index: busybox-1.14.0/libbb/pw_encrypt_des.c
===================================================================
--- busybox-1.14.0.orig/libbb/pw_encrypt_des.c
+++ busybox-1.14.0/libbb/pw_encrypt_des.c
@@ -782,6 +782,8 @@
to64_msb_first(output + 10, (r1 << 8));
#endif
+ output[13] = NULL;
+
return output;
}
["signature.asc" (application/pgp-signature)]
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic