tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- (djm) [loginrec.c] Check for username truncation when looking up lastlog 

entries
This commit is contained in:
Damien Miller 2013-12-29 17:40:18 +11:00
parent 77244afe3b
commit 7d97fd9a1c
2 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -1,3 +1,7 @@
20131229
- (djm) [loginrec.c] Check for username truncation when looking up lastlog
entries
20131221 20131221
- (dtucker) [regress/keytype.sh] Actually test ecdsa key types. - (dtucker) [regress/keytype.sh] Actually test ecdsa key types.

10
loginrec.c
View File

@ -310,9 +310,12 @@ login_get_lastlog(struct logininfo *li, const uid_t uid)
fatal("%s: Cannot find account for uid %ld", __func__, fatal("%s: Cannot find account for uid %ld", __func__,
(long)uid); (long)uid);
/* No MIN_SIZEOF here - we absolutely *must not* truncate the if (strlcpy(li->username, pw->pw_name, sizeof(li->username)) >=
* username (XXX - so check for trunc!) */ sizeof(li->username)) {
strlcpy(li->username, pw->pw_name, sizeof(li->username)); error("%s: username too long (%lu > max %lu)", __func__,
strlen(pw->pw_name), sizeof(li->username) - 1);
return NULL;
}
if (getlast_entry(li)) if (getlast_entry(li))
return (li); return (li);
@ -320,7 +323,6 @@ login_get_lastlog(struct logininfo *li, const uid_t uid)
return (NULL); return (NULL);
} }
/* /*
* login_alloc_entry(int, char*, char*, char*) - Allocate and initialise * login_alloc_entry(int, char*, char*, char*) - Allocate and initialise
* a logininfo structure * a logininfo structure