From: Tobias Stoeckmann <tobias@stoeckmann.org>
Date: Sun, 4 Jan 2026 15:26:13 +0000 (+0100)
Subject: setpwnam: check if /etc/passwd was fully read
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=859450b47fd0248b00f155f5d85ea728996cf719;p=thirdparty%2Futil-linux.git

setpwnam: check if /etc/passwd was fully read

An error while reading the existing /etc/passwd should be properly
handled to avoid truncation due to a bad read.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
---

diff --git a/login-utils/setpwnam.c b/login-utils/setpwnam.c
index e55fbb234..d2ecb00ea 100644
--- a/login-utils/setpwnam.c
+++ b/login-utils/setpwnam.c
@@ -141,6 +141,10 @@ int setpwnam(struct passwd *pwd, const char *prefix)
 		/* Nothing in particular happened, copy input to output */
 		fputs(linebuf, fp);
 	}
+	if (!feof(pwf))
+		goto fail;
+	fclose(pwf);	/* I don't think I want to know if this failed */
+	pwf = NULL;
 
 	/* xfmkstemp is too restrictive by default for passwd file */
 	if (fchmod(fileno(fp), 0644) < 0)
@@ -150,9 +154,6 @@ int setpwnam(struct passwd *pwd, const char *prefix)
 	if (rc != 0)
 		goto fail;
 
-	fclose(pwf);	/* I don't think I want to know if this failed */
-	pwf = NULL;
-
 	if (!found) {
 		errno = ENOENT;	/* give me something better */
 		goto fail;