Date: Sat, 5 Apr 2014 18:14:58 +0000 (UTC) From: Marcel Moolenaar <marcel@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r264161 - head/lib/libc/gen Message-ID: <201404051814.s35IEwfl016392@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: marcel Date: Sat Apr 5 18:14:58 2014 New Revision: 264161 URL: http://svnweb.freebsd.org/changeset/base/264161 Log: The getlogin_basic() function can return a 0 status with a NULL pointer for the login name (result). Make sure to handle that case properly. Improve robustness by checking namelen and then nul-terminating the provided buffer to simplify subsequent logic. Obtained from: Juniper Networks, Inc. MFC after: 1 week Modified: head/lib/libc/gen/getlogin.c Modified: head/lib/libc/gen/getlogin.c ============================================================================== --- head/lib/libc/gen/getlogin.c Sat Apr 5 18:13:28 2014 (r264160) +++ head/lib/libc/gen/getlogin.c Sat Apr 5 18:14:58 2014 (r264161) @@ -87,11 +87,16 @@ getlogin_r(char *logname, int namelen) char *result; int len; int status; - + + if (namelen < 1) + return (ERANGE); + logname[0] = '\0'; + THREAD_LOCK(); result = getlogin_basic(&status); - if (status == 0) { - if ((len = strlen(result) + 1) > namelen) + if (status == 0 && result != NULL) { + len = strlen(result) + 1; + if (len > namelen) status = ERANGE; else strncpy(logname, result, len);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201404051814.s35IEwfl016392>