Source-Changes-HG archive


[src/netbsd-1-5]: src/lib/libc/gen Pull up revision 1.49 (requested by he):



details:   https://anonhg.NetBSD.org/src/rev/0456ec34cfbd
branches:  netbsd-1-5
changeset: 493062:0456ec34cfbd
user:      he <he%NetBSD.org@localhost>
date:      Wed Apr 17 11:45:21 2002 +0000

description:
Pull up revision 1.49 (requested by he):
  Return an error if we try to look up a user name that is too long,
  rather than trying to truncate.  Fixes non-exploitable core dump
  problem inside DB.

diffstat:

 lib/libc/gen/getpwent.c |  13 ++++++++-----
 1 files changed, 8 insertions(+), 5 deletions(-)

diffs (45 lines):

diff -r 712148b476c4 -r 0456ec34cfbd lib/libc/gen/getpwent.c
--- a/lib/libc/gen/getpwent.c   Wed Apr 17 11:34:54 2002 +0000
+++ b/lib/libc/gen/getpwent.c   Wed Apr 17 11:45:21 2002 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: getpwent.c,v 1.46.4.2 2000/10/11 03:35:18 enami Exp $  */
+/*     $NetBSD: getpwent.c,v 1.46.4.3 2002/04/17 11:45:21 he Exp $     */
 
 /*
  * Copyright (c) 1988, 1993
@@ -39,7 +39,7 @@
 #if 0
 static char sccsid[] = "@(#)getpwent.c 8.2 (Berkeley) 4/27/95";
 #else
-__RCSID("$NetBSD: getpwent.c,v 1.46.4.2 2000/10/11 03:35:18 enami Exp $");
+__RCSID("$NetBSD: getpwent.c,v 1.46.4.3 2002/04/17 11:45:21 he Exp $");
 #endif
 #endif /* LIBC_SCCS and not lint */
 
@@ -406,7 +406,8 @@
        DBT              key;
        char             bf[/*CONSTCOND*/ MAX(MAXLOGNAME, sizeof(_pw_keynum)) + 1];
        uid_t            uid;
-       int              search, len, rval;
+       size_t           len;
+       int              search, rval;
        const char      *name;
 
        if (!_pw_db && !__initdb())
@@ -425,12 +426,14 @@
        case _PW_KEYBYNAME:
                name = va_arg(ap, const char *);
                len = strlen(name);
-               memmove(bf + 1, name, (size_t)MIN(len, MAXLOGNAME));
+               if (len > MAXLOGNAME)
+                       return NS_NOTFOUND;
+               memmove(bf + 1, name, len);
                key.size = len + 1;
                break;
        case _PW_KEYBYUID:
                uid = va_arg(ap, uid_t);
-               memmove(bf + 1, &uid, sizeof(len));
+               memmove(bf + 1, &uid, sizeof(uid));
                key.size = sizeof(uid) + 1;
                break;
        default:
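Review bot: The `_PW_KEYBYNAME` branch should carry a comment saying why an over-long name is rejected rather than truncated, because the invariant it protects is not visible at the check itself. `key.size` is set to `len + 1`, so `len` must stay within the bytes actually copied to `bf + 1`. The removed line capped the copy at `MAXLOGNAME` but still derived `key.size` from the full length, which is presumably what let the DB lookup read past `bf`. I would add `/* key.size is len + 1: reject, never truncate, or DB reads past bf */` above `if (len > MAXLOGNAME)`. The enclosing function starts and ends outside this hunk, and `bf` is declared in the previous one.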


