git: 9c738c4bca57 - stable/13 - login: Use getpwnam_r() instead of getpwnam().
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 17 Jan 2024 18:28:39 UTC
The branch stable/13 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=9c738c4bca57354f9f66ebde0c4b625fa6d6c743 commit 9c738c4bca57354f9f66ebde0c4b625fa6d6c743 Author: Dag-Erling Smørgrav <des@FreeBSD.org> AuthorDate: 2024-01-12 15:40:22 +0000 Commit: Dag-Erling Smørgrav <des@FreeBSD.org> CommitDate: 2024-01-17 16:16:00 +0000 login: Use getpwnam_r() instead of getpwnam(). Since we expect the entry to still be valid after calling into PAM, which may call getpwnam() itself, we need to use getpwnam_r(). MFC after: 1 week Sponsored by: Klara, Inc. Reviewed by: kevans, imp, allanjude, markj Differential Revision: https://reviews.freebsd.org/D43376 (cherry picked from commit a3d80dd8aa6ac15877e00102ab174b417ac81d79) login: Missed an instance of getpwnam(). Fixes: a3d80dd8aa6ac15877e00102ab174b417ac81d79 MFC after: 1 week Sponsored by: Klara, Inc. Reviewed by: allanjude Differential Revision: https://reviews.freebsd.org/D43423 (cherry picked from commit 1e25eb287f3fdd763df98065dbf2e1eb201e4000) --- usr.bin/login/login.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/usr.bin/login/login.c b/usr.bin/login/login.c index c96738151151..d0d4bb4a2394 100644 --- a/usr.bin/login/login.c +++ b/usr.bin/login/login.c @@ -116,6 +116,8 @@ static u_int timeout = 300; /* Buffer for signal handling of timeout */ static jmp_buf timeout_buf; +char pwbuf[1024]; +struct passwd pwres; struct passwd *pwd; static int failures; @@ -321,7 +323,7 @@ main(int argc, char *argv[]) bail(NO_SLEEP_EXIT, 1); } - pwd = getpwnam(username); + (void)getpwnam_r(username, &pwres, pwbuf, sizeof(pwbuf), &pwd); if (pwd != NULL && pwd->pw_uid == 0) rootlogin = 1; @@ -344,7 +346,7 @@ main(int argc, char *argv[]) (void)setpriority(PRIO_PROCESS, 0, 0); } - if (pwd && rval == 0) + if (pwd != NULL && rval == 0) break; pam_cleanup(); @@ -708,8 +710,10 @@ auth_pam(void) pam_err = pam_get_item(pamh, PAM_USER, &item); if (pam_err == PAM_SUCCESS) { tmpl_user = (const char *)item; - if (strcmp(username, tmpl_user) != 0) - pwd = getpwnam(tmpl_user); + if (strcmp(username, tmpl_user) != 0) { + (void)getpwnam_r(tmpl_user, &pwres, pwbuf, + sizeof(pwbuf), &pwd); + } } else { pam_syslog("pam_get_item(PAM_USER)"); }