Author: brian
Date: Wed May 20 08:32:25 2009
New Revision: 192432
URL: http://svn.freebsd.org/changeset/base/192432
Log:
Verify that the username length is smaller than MAXLOGNAME when
asked to verify a passwd file (pwd_mkdb -C).
Entries with oversized usernames are still permitted when building
the passwd database.
When entries are >= MAXLOGNAME in length, they are correctly stored
in passwd, pwd.db and spwd.db but are only correctly retrieved by
getpwent*() and getpwuid*(). getpwnam*() truncates to MAXLOGNAME - 1
when reading from a file (breaking at least sh, tcsh and bash)
and utilities such as su(1) check, complain and fail if the
passed name is >= MAXLOGNAME in length.
MFC after: 3 weeks
Modified:
head/usr.sbin/pwd_mkdb/pwd_mkdb.c
Modified: head/usr.sbin/pwd_mkdb/pwd_mkdb.c
==============================================================================
--- head/usr.sbin/pwd_mkdb/pwd_mkdb.c Wed May 20 07:31:11 2009
(r192431)
+++ head/usr.sbin/pwd_mkdb/pwd_mkdb.c Wed May 20 08:32:25 2009
(r192432)
@@ -204,7 +204,11 @@ main(int argc, char *argv[])
/* check only if password database is valid */
if (Cflag) {
- for (cnt = 1; scan(fp, &pwd); ++cnt);
+ while (scan(fp, &pwd))
+ if (!is_comment && strlen(pwd.pw_name) >= MAXLOGNAME) {
+ warnx("%s: username too long", pwd.pw_name);
+ exit(1);
+ }
exit(0);
}
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
