[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_4-101-g393f4
From: |
Tim Ruehsen |
Subject: |
[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_4-101-g393f4c6 |
Date: |
Sat, 29 Feb 2020 14:10:25 -0500 (EST) |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Inetutils ".
The branch, master has been updated
via 393f4c6c3e3761ceed843cb3990169a5ef2f89d1 (commit)
from 2343dc2e3547bb4c724c486bdad9c4ba7468053f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=393f4c6c3e3761ceed843cb3990169a5ef2f89d1
commit 393f4c6c3e3761ceed843cb3990169a5ef2f89d1
Author: Tim Rühsen <address@hidden>
Date: Sat Feb 29 20:10:21 2020 +0100
uucpd: Fix buffer overflows
diff --git a/src/uucpd.c b/src/uucpd.c
index 5674004..edebb20 100644
--- a/src/uucpd.c
+++ b/src/uucpd.c
@@ -310,13 +310,15 @@ dologout (void)
}
}
+# define SCPYN(a, b) strncpy(a, b, sizeof (a) - 1); (a)[sizeof (a) - 1] = 0
+
/*
* Record login in wtmp file.
*/
void
dologin (struct passwd *pw, struct sockaddr *sap, socklen_t salen)
{
- char line[32];
+ char line[NI_MAXHOST]; /* remote is copied here later on */
#if defined PATH_LASTLOG && defined HAVE_STRUCT_LASTLOG
int f;
#endif
@@ -353,7 +355,7 @@ dologin (struct passwd *pw, struct sockaddr *sap, socklen_t
salen)
if (hp)
{
- strncpy (remotehost, hp->h_name, sizeof (remotehost));
+ SCPYN (remotehost, hp->h_name);
endhostent ();
}
else
@@ -378,9 +380,9 @@ dologin (struct passwd *pw, struct sockaddr *sap, socklen_t
salen)
ut.ut_type = USER_PROCESS;
ut.ut_pid = getpid();
- strncpy (ut.ut_line, line, sizeof (ut.ut_line));
- strncpy (ut.ut_user, pw->pw_name, sizeof (ut.ut_user));
- strncpy (ut.ut_host, remotehost, sizeof (ut.ut_host));
+ SCPYN (ut.ut_line, line);
+ SCPYN (ut.ut_user, pw->pw_name);
+ SCPYN (ut.ut_host, remotehost);
# ifdef HAVE_STRUCT_UTMPX_UT_SYSLEN
if (strlen (remotehost) < sizeof (ut.ut_host))
ut.ut_syslen = strlen (remotehost) + 1;
@@ -398,7 +400,6 @@ dologin (struct passwd *pw, struct sockaddr *sap, socklen_t
salen)
#endif /* HAVE_PUTUTXLINE && !HAVE_LOGWTMPX && !HAVE_LOGWTMP */
#if defined PATH_LASTLOG && defined HAVE_STRUCT_LASTLOG
-# define SCPYN(a, b) strncpy(a, b, sizeof (a))
f = open (PATH_LASTLOG, O_RDWR);
if (f >= 0)
{
@@ -408,7 +409,7 @@ dologin (struct passwd *pw, struct sockaddr *sap, socklen_t
salen)
time (&t);
ll.ll_time = t;
lseek (f, (long) pw->pw_uid * sizeof (struct lastlog), 0);
- strcpy (line, remotehost);
+ SCPYN (line, remotehost);
SCPYN (ll.ll_line, line);
SCPYN (ll.ll_host, remotehost);
write (f, (char *) &ll, sizeof (ll));
-----------------------------------------------------------------------
Summary of changes:
src/uucpd.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
hooks/post-receive
--
GNU Inetutils
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU Inetutils branch, master, updated. inetutils-1_9_4-101-g393f4c6,
Tim Ruehsen <=