35 lines
1.1 KiB
Diff
35 lines
1.1 KiB
Diff
From 63a96706b1205f91c4a57de21ac56e996d270ff1 Mon Sep 17 00:00:00 2001
|
|
From: Tobias Stoeckmann <tobias@stoeckmann.org>
|
|
Date: Fri, 29 Oct 2021 19:44:46 +0200
|
|
Subject: [PATCH] Handle malformed lines in hushlogins file.
|
|
|
|
If a line in hushlogins file, e.g. /etc/hushlogins, starts with
|
|
'\0', then current code performs an out of boundary write.
|
|
If the line lacks a newline at the end, then another character is
|
|
overridden.
|
|
|
|
With strcspn both cases are solved.
|
|
|
|
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
|
|
|
|
Conflict: NA
|
|
Reference: https://github.com/shadow-maint/shadow/commit/63a96706b1205f91c4a57de21ac56e996d270ff1
|
|
|
|
---
|
|
libmisc/hushed.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/libmisc/hushed.c b/libmisc/hushed.c
|
|
index b71b99ce2..3c3adafca 100644
|
|
--- a/libmisc/hushed.c
|
|
+++ b/libmisc/hushed.c
|
|
@@ -90,7 +90,7 @@ bool hushed (const char *username)
|
|
return false;
|
|
}
|
|
for (found = false; !found && (fgets (buf, (int) sizeof buf, fp) == buf);) {
|
|
- buf[strlen (buf) - 1] = '\0';
|
|
+ buf[strcspn (buf, "\n")] = '\0';
|
|
found = (strcmp (buf, pw->pw_shell) == 0) ||
|
|
(strcmp (buf, pw->pw_name) == 0);
|
|
}
|