bin/171815: run_file in atrun does not allocate enough space for fmt

[Jeremy Huddleston Sequoia]

>Number:         171815
>Category:       bin
>Synopsis:       run_file in atrun does not allocate enough space for fmt
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Sep 20 17:40:03 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     Jeremy Huddleston Sequoia
>Release:        HEAD
>Organization:
Apple Inc
>Environment:
OS X
>Description:
src/libexec/atrun/atrun.c does the following:

static void
run_file(const char *filename, uid_t uid, gid_t gid)
{
..
    char mailbuf[MAXLOGNAME], fmt[49];
..
    snprintf(fmt, sizeof(fmt),
	"#!/bin/sh\n# atrun uid=%%ld gid=%%ld\n# mail %%%ds %%d",
                          MAXLOGNAME - 1);
..

The problem is that the string being written is can be more than 48 characters long.  Indeed if MAXLOGNAME is 255, we need 50 bytes to hold the string.

This results in atrun erring out on systems where MAXLOGNAME > 100.
>How-To-Repeat:

>Fix:
Index: atrun.c
===================================================================
--- atrun.c	(revision 3476)
+++ atrun.c	(working copy)
@@ -123,7 +123,7 @@
     pid_t pid;
     int fd_out, fd_in;
     int queue;
-    char mailbuf[MAXLOGNAME], fmt[49];
+    char mailbuf[MAXLOGNAME], fmt[64];
     char *mailname = NULL;
     FILE *stream;
     int send_mail = 0;


>Release-Note:
>Audit-Trail:
>Unformatted: