newgrp: more robust crypt() usage

Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/login-utils/newgrp.c b/login-utils/newgrp.c
index 4f6de12a14aea9a6ecd90900e0025c200c752f9f..cca7b32446a99162bf4b992c5beeb5ded5bdf4ae 100644 (file)
--- a/login-utils/newgrp.c
+++ b/login-utils/newgrp.c
@@ -98,10 +98,14 @@ static int allow_setgid(struct passwd *pe, struct group *ge)
        if (!(pwd = get_gshadow_pwd(ge->gr_name)))
                pwd = ge->gr_passwd;
 
-       if (pwd && *pwd && (xpwd = getpass(_("Password: "))))
-               if (strcmp(pwd, crypt(xpwd, pwd)) == 0)
-                       /* password accepted */
+       if (pwd && *pwd && (xpwd = getpass(_("Password: ")))) {
+               char *cbuf = crypt(xpwd, pwd);
+
+               if (!cbuf)
+                       warn(_("crypt() failed"));
+               else if (strcmp(pwd, cbuf) == 0)
                        return TRUE;
+       }
 
        /* default to denial */
        return FALSE;