Tobias Stoeckmann wrote:
>
> And I still think that the current code is a bit too permissive in parsing
> things. I mean what's the point in allowing lines like:
>
> sometextwithoutspace/bin/ksh should be used for logins # seriously!
>
> Which would result in /bin/ksh, by the way.
>
> Didn't
To me the new code seems broken. It keeps a fd open between
libc calls. It requires endusershell() to be called later.
Not even close-on-exec can work here, because libc is remembering
a FILE * referring to an open fd.
Leaving a fd open between libc calls is verboten, unless there is
Tobias Stoeckmann wrote:
> There's still a possible overflow in getusershell.c. We could increase
> the buffer allocation yet again, but I have to agree with the glibc
> developers here: enough is enough. The code is ugly and has proven to be
> difficult to review.
Another approach is to rewrite
> Index: gen/getusershell.c
> ===
> RCS file: /cvs/src/lib/libc/gen/getusershell.c,v
> retrieving revision 1.16
> diff -u -p -r1.16 getusershell.c
> --- gen/getusershell.c14 Sep 2015 16:09:13 - 1.16
> +++
On Sat, Dec 05, 2015 at 01:25:10PM -0500, Ted Unangst wrote:
> ok. i was going to leave the behavior alone, but we can fix that too.
>
> - use getline to read lines of any length.
> - only consider lines that start with a /.
> - truncate lines after a #, but not after spaces.
ok tobias, thanks
On Sat, Dec 05, 2015 at 01:25:10PM -0500, Ted Unangst wrote:
> Tobias Stoeckmann wrote:
> >
> > And I still think that the current code is a bit too permissive in parsing
> > things. I mean what's the point in allowing lines like:
> >
> > sometextwithoutspace/bin/ksh should be used for logins #
There's still a possible overflow in getusershell.c. We could increase
the buffer allocation yet again, but I have to agree with the glibc
developers here: enough is enough. The code is ugly and has proven to be
difficult to review.
The overflow has been spotted by Paul Pluzhnikov, after I
On Fri, Dec 4, 2015 at 2:54 PM, Tobias Stoeckmann wrote:
> On Fri, Dec 04, 2015 at 03:47:07PM -0700, Theo de Raadt wrote:
>> > Is it worth it, knowing that it's a deprecated BSD-specific function?
>>
>> Careful there :-) It isn't deprecated in the BSD's, and it isn't
>>