From 15344a56903b4a79b565e45c3d8b40ee7ca37b9d Mon Sep 17 00:00:00 2001 From: Brian Somers Date: Wed, 20 May 2009 08:32:25 +0000 Subject: [PATCH] Verify that the username length is smaller than MAXLOGNAME when asked to verify a passwd file (pwd_mkdb -C). Entries with oversized usernames are still permitted when building the passwd database. When entries are >= MAXLOGNAME in length, they are correctly stored in passwd, pwd.db and spwd.db but are only correctly retrieved by getpwent*() and getpwuid*(). getpwnam*() truncates to MAXLOGNAME - 1 when reading from a file (breaking at least sh, tcsh and bash) and utilities such as su(1) check, complain and fail if the passed name is >= MAXLOGNAME in length. MFC after: 3 weeks --- usr.sbin/pwd_mkdb/pwd_mkdb.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/usr.sbin/pwd_mkdb/pwd_mkdb.c b/usr.sbin/pwd_mkdb/pwd_mkdb.c index 3c8ca252a0c..2abbcdf34c9 100644 --- a/usr.sbin/pwd_mkdb/pwd_mkdb.c +++ b/usr.sbin/pwd_mkdb/pwd_mkdb.c @@ -204,7 +204,11 @@ main(int argc, char *argv[]) /* check only if password database is valid */ if (Cflag) { - for (cnt = 1; scan(fp, &pwd); ++cnt); + while (scan(fp, &pwd)) + if (!is_comment && strlen(pwd.pw_name) >= MAXLOGNAME) { + warnx("%s: username too long", pwd.pw_name); + exit(1); + } exit(0); }