1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
From ecb608192a48d3688e1a0a21027bfd968d3301a1 Mon Sep 17 00:00:00 2001
From: Rich Felker <dalias@aerifal.cx>
Date: Wed, 21 Jan 2015 14:26:05 -0500
Subject: [PATCH] fix erroneous return of partial username matches by
getspnam[_r]
when using /etc/shadow (rather than tcb) as its backend, getspnam_r
matched any username starting with the caller-provided string rather
than requiring an exact match. in practice this seems to have affected
only systems where one valid username is a prefix for another valid
username, and where the longer username appears first in the shadow
file.
---
src/passwd/getspnam_r.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/passwd/getspnam_r.c b/src/passwd/getspnam_r.c
index 15f8c87..9233952 100644
--- a/src/passwd/getspnam_r.c
+++ b/src/passwd/getspnam_r.c
@@ -98,7 +98,7 @@ int getspnam_r(const char *name, struct spwd *sp, char *buf, size_t size, struct
pthread_cleanup_push(cleanup, f);
while (fgets(buf, size, f) && (k=strlen(buf))>0) {
- if (skip || strncmp(name, buf, l)) {
+ if (skip || strncmp(name, buf, l) || buf[l]!=':') {
skip = buf[k-1] != '\n';
continue;
}
--
2.3.3
|
