login: prevent OOB read on illegal /etc/hushlogins
authorTobias Stoeckmann <tobias@stoeckmann.org>
Sun, 12 Mar 2017 16:49:45 +0000 (17:49 +0100)
committerKarel Zak <kzak@redhat.com>
Mon, 13 Mar 2017 11:46:49 +0000 (12:46 +0100)
If the file /etc/hushlogins exists and a line starts with '\0', the
login tools are prone to an off-by-one read.

I see no reliability issue with this, as it would clearly need a
hostile action from a system administrator. But for the sake of
correctness, I've sent this patch nonetheless.

login-utils/logindefs.c

index f02c4752db603d35a1a27721ffc1ca18b0d5dfd1..213ff8d259d36599d05ef4cd16b1ad99b73abc49 100644 (file)
@@ -344,7 +344,8 @@ int get_hushlogin_status(struct passwd *pwd, int force_check)
                                continue;       /* ignore errors... */
 
                        while (ok == 0 && fgets(buf, sizeof(buf), f)) {
-                               buf[strlen(buf) - 1] = '\0';
+                               if (buf[0] != '\0')
+                                       buf[strlen(buf) - 1] = '\0';
                                ok = !strcmp(buf, *buf == '/' ? pwd->pw_shell :
                                                                pwd->pw_name);
                        }
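Review bot: The guarded store on the added lines still clears the last byte of `buf` whatever that byte is, so a final line with no trailing newline, or a line longer than `buf`, loses a real character before the `strcmp`. The entry can then match a different user name or shell path than the one written in /etc/hushlogins. Stripping only a newline avoids this and also covers the empty-string case this commit fixes: `buf[strcspn(buf, "\n")] = '\0';` in place of the two added lines. Note also that for an empty string the pre-patch index `strlen(buf) - 1` wraps, so the statement being guarded is a one-byte store outside `buf`, not only a read; a short comment above the check saying so would help the next reader. The loop and get_hushlogin_status both begin and end outside this hunk.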