Module Name: src Committed By: martin Date: Sat Feb 17 16:07:38 UTC 2024
Modified Files: src/libexec/utmp_update [netbsd-10]: utmp_update.c Log Message: Pull up following revision(s) (requested by shm in ticket #595): libexec/utmp_update/utmp_update.c: revision 1.14 Check for non-printable characters in ut_host. To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.13.26.1 src/libexec/utmp_update/utmp_update.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/libexec/utmp_update/utmp_update.c diff -u src/libexec/utmp_update/utmp_update.c:1.13 src/libexec/utmp_update/utmp_update.c:1.13.26.1 --- src/libexec/utmp_update/utmp_update.c:1.13 Sun Apr 26 08:56:19 2015 +++ src/libexec/utmp_update/utmp_update.c Sat Feb 17 16:07:38 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: utmp_update.c,v 1.13 2015/04/26 08:56:19 mlelstv Exp $ */ +/* $NetBSD: utmp_update.c,v 1.13.26.1 2024/02/17 16:07:38 martin Exp $ */ /*- * Copyright (c) 2002 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include <sys/cdefs.h> -__RCSID("$NetBSD: utmp_update.c,v 1.13 2015/04/26 08:56:19 mlelstv Exp $"); +__RCSID("$NetBSD: utmp_update.c,v 1.13.26.1 2024/02/17 16:07:38 martin Exp $"); #include <sys/types.h> #include <sys/param.h> @@ -41,6 +41,7 @@ __RCSID("$NetBSD: utmp_update.c,v 1.13 2 #include <err.h> #include <fcntl.h> #include <pwd.h> +#include <ctype.h> #include <utmpx.h> #include <stdlib.h> #include <string.h> @@ -80,6 +81,7 @@ main(int argc, char *argv[]) int res; uid_t euid, ruid; char tty[MAXPATHLEN]; + const char *p, *ep; euid = geteuid(); ruid = getuid(); @@ -115,6 +117,12 @@ main(int argc, char *argv[]) logerr(0, "Invalid utmpx type %d", (int)utx->ut_type); } + p = utx->ut_host; + ep = p + sizeof(utx->ut_host); + for (; p < ep && *p; p++) + if (!isprint((unsigned char)*p)) + logerr(0, "Non-printable characters in hostname"); + if (ruid != 0) { if ((pwd = getpwuid(ruid)) == NULL) logerr(0, "User %ld does not exist in password"