upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-09 08:43:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Verify that the username length is smaller than MAXLOGNAME when

Browse source 
asked to verify a passwd file (pwd_mkdb -C).

Entries with oversized usernames are still permitted when building
the passwd database.

When entries are >= MAXLOGNAME in length, they are correctly stored
in passwd, pwd.db and spwd.db but are only correctly retrieved by
getpwent*() and getpwuid*().  getpwnam*() truncates to MAXLOGNAME - 1
when reading from a file (breaking at least sh, tcsh and bash)
and utilities such as su(1) check, complain and fail if the
passed name is >= MAXLOGNAME in length.

MFC after:	3 weeks
This commit is contained in:
Brian Somers 2009-05-20 08:32:25 +00:00
parent 866772cfa7
commit 15344a5690
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
usr.sbin/pwd_mkdb/pwd_mkdb.c
View file

@ -204,7 +204,11 @@ main(int argc, char *argv[])
/* check only if password database is valid */
if (Cflag) {
for (cnt = 1; scan(fp, &pwd); ++cnt);
while (scan(fp, &pwd))
if (!is_comment && strlen(pwd.pw_name) >= MAXLOGNAME) {
warnx("%s: username too long", pwd.pw_name);
exit(1);
}
exit(0);
}