Fix reading loginuid file in getlogin{,_r}.

2024-11-21 01:12:26 +08:00 · 2010-04-08 19:04:33 -07:00 · 2010-04-08 19:04:33 -07:00 · aa6436d6ad
commit aa6436d6ad
parent ad3d3e8f20
2 changed files with 16 additions and 4 deletions
--- a/4
+++ b/4
@ -1,5 +1,9 @@
 2010-04-08  Ulrich Drepper  <drepper@redhat.com>

+	* sysdeps/unix/sysv/linux/getlogin_r.c (__getlogin_r_loginuid): When
+	reading the loginuid file use a buffer which is always large enough.
+	NUL-terminate the string.
+
 	* malloc/malloc.c (_int_malloc): Return NULL if printing error message
 	returns.

--- a/sysdeps/unix/sysv/linux/getlogin_r.c
+++ b/sysdeps/unix/sysv/linux/getlogin_r.c
@ -37,13 +37,20 @@ __getlogin_r_loginuid (name, namesize)
  if (fd == -1)
    return 1;

-  ssize_t n = TEMP_FAILURE_RETRY (read_not_cancel (fd, name, namesize));
+  /* We are reading a 32-bit number.  12 bytes are enough for the text
+     representation.  If not, something is wrong.  */
+  char uidbuf[12];
+  ssize_t n = TEMP_FAILURE_RETRY (read_not_cancel (fd, uidbuf,
+						   sizeof (uidbuf)));
  close_not_cancel_no_status (fd);

  uid_t uid;
  char *endp;
  if (n <= 0
-      || (uid = strtoul (name, &endp, 10), endp == name || *endp != '\0'))
+      || n == sizeof (uidbuf)
+      || (uidbuf[n] = '\0',
+	  uid = strtoul (uidbuf, &endp, 10),
+	  endp == uidbuf || *endp != '\0'))
    return 1;

  size_t buflen = 1024;
@ -84,8 +91,9 @@ __getlogin_r_loginuid (name, namesize)
 }


-/* Return the login name of the user, or NULL if it can't be determined.
-   The returned pointer, if not NULL, is good only until the next call.  */
+/* Return at most NAME_LEN characters of the login name of the user in NAME.
+   If it cannot be determined or some other error occurred, return the error
+   code.  Otherwise return 0.  */

 int
 getlogin_r (name, namesize)