--- shadow-4.0.17/src/chpasswd.c.overflow	2006-11-08 11:09:32.000000000 +0100
+++ shadow-4.0.17/src/chpasswd.c	2006-11-08 13:13:15.000000000 +0100
@@ -239,9 +239,13 @@
 		newpwd = cp;
 		if (!eflg) {
 			if (md5flg) {
-				char salt[12] = "$1$";
+				char tmp[12];
+				char salt[15] = "\0";
 
-				strcat (salt, crypt_make_salt ());
+				strcpy( tmp, crypt_make_salt ());
+				if( !strncmp( tmp, "$1$", 3) )
+					strcat( salt, "$1$");
+				strcat( salt, tmp);
 				cp = pw_encrypt (newpwd, salt);
 			} else
 				cp = pw_encrypt (newpwd, crypt_make_salt ());
--- shadow-4.0.17/src/chgpasswd.c.overflow	2006-11-08 13:13:40.000000000 +0100
+++ shadow-4.0.17/src/chgpasswd.c	2006-11-08 13:17:24.000000000 +0100
@@ -243,9 +243,13 @@
 		newpwd = cp;
 		if (!eflg) {
 			if (md5flg) {
-				char salt[12] = "$1$";
+				char tmp[12];
+				char salt[15] = "\0";
 
-				strcat (salt, crypt_make_salt ());
+				strcpy( tmp, crypt_make_salt ());
+				if( !strncmp( tmp, "$1$", 3) )
+					strcat( salt, "$1$");
+				strcat( salt, tmp);
 				cp = pw_encrypt (newpwd, salt);
 			} else
 				cp = pw_encrypt (newpwd, crypt_make_salt ());