14726 – Blank password in /etc/passwd results in no username displayed in a prompt

Bug 14726 - Blank password in /etc/passwd results in no username displayed in a prompt

Summary: Blank password in /etc/passwd results in no username displayed in a prompt

Status:	RESOLVED FIXED

Alias:	None

Product:	Busybox
Classification:	Unclassified
Component:	Standard Compliance (show other bugs)
Version:	1.33.x
Hardware:	Other Linux

Importance:	P5 normal
Target Milestone:	---
Assignee:	unassigned

URL:
Keywords:

Depends on:
Blocks:

Reported:	2022-03-30 13:18 UTC by tgm
Modified:	2022-04-27 14:11 UTC (History)
CC List:	1 user (show)

See Also:
Host:
Target:
Build:

Attachments
Dot config file (28.47 KB, application/octet-stream) 2022-03-30 13:18 UTC, tgm	Details
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description tgm 2022-03-30 13:18:51 UTC

Created attachment 9261 [details]
Dot config file

The actual version is 1.34.1, but it wasn't possible to select that version during bug submitting.

The general problem is with no username being displayed when there is a blank password in /etc/passwd.


PS is set to:
----------------------

$ echo $PS1
\u@\h:\w\$


/etc/passwd:
----------------------

root:x:0:0:root:/root:/bin/ash
# (Skipped...)
analog::1000:1000:analog,,,:/home/analog:/bin/ash


Obviously the 'analog' user does not have its name in a prompt and root has. Adding or removing 'x' in password field fixes (or creates) the problem regardless of user account (also checked with the second non-root user -- just not shown here).

According to manpage (man 5 passwd), the password field can be blank, thus I marked it as 'Standard Compliance'. Man page also say that using 'x' as a password requires providing corresponding /etc/shadow, which I have no intention of adding. Besides, /etc/shadow is parsed using probably the exact same mechanism, so it doesn't look like a viable solution.

NOTE: It worked fine with BusyBox 1.24.2.

If this can be fixed with .config tweaking, I would be grateful for some hints. :)

If it is important, I use it with musl libc 1.2.2, Binutils 2.38, compiled with GCC 11.2.

Xilinx's Linux:
$ uname -r
4.14.0-xilinx-ge77ffb40e9a0





I was able to track the problem to 'parse_common' function in 'libpwdgrp/pwd_grp.c', these line(s):

		if (strcmp(key, nth_string(buf, field_pos)) == 0) {
			/* record found */
			break;
		}

It seems that 'nth_string' in 'libbb/compare_string_array.c' treats two consecutive '\0' as the end of the string (Huffman wouldn't be proud :)).

nth_string(buf, field_pos) returns this (compare with
/etc/shadow file excerpt shown above):
-------------------------------------------------------

ash: TGM: pwd_grp: parse_common: buf (after tokenize): [root]
ash: TGM: pwd_grp: parse_common: nth_string_result: [0]
ash: TGM: pwd_grp: parse_common: buf (after tokenize): [analog]
ash: TGM: pwd_grp: parse_common: nth_string_result: []

While the 'key' passed to parse_common was: '1000'


Call stack:
----------------
shell/ash.c: ??? -> ??? // I'm not sure if I started from here...
libbb/lineedit.c: read_line_input-> // user_buf is set to NULL, due to:
libpwdgrp/pwd_grp.c: getpwuid -> getXXXnam -> parse_file -> parse_common

Comment 1 Oliver Endriss 2022-04-20 14:48:02 UTC

Note that all functions which get the user name from /etc/passwd are affected:
ls -l, ps, whoami, etc.

The bug was introduced by commit c9fc15359ef8fe5aa98ab0308c1563d9bcf99bb8

With this commit, nth_string() does not longer work with an empty field in the middle of the line, for example an empty password field in /etc/password.

Please revert this commit!

Regards,
Oliver

Comment 2 Denys Vlasenko 2022-04-27 14:11:26 UTC

Fixed in git.