Inicio Explorar Axuda
Iniciar sesión
hongwenjun
/
musl
réplica de https://git.musl-libc.org/git/musl
1
0
Fork 0
Ficheiros Incidencias 0 Wiki
Explorar o código

fix erroneous return of partial username matches by getspnam[_r]

when using /etc/shadow (rather than tcb) as its backend, getspnam_r
matched any username starting with the caller-provided string rather
than requiring an exact match. in practice this seems to have affected
only systems where one valid username is a prefix for another valid
username, and where the longer username appears first in the shadow
file.
Rich Felker %!s(int64=10) %!d(string=hai) anos
pai
63cac4e29a
achega
ecb608192a
Modificáronse 1 ficheiros con 1 adicións e 1 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 1 1
      src/passwd/getspnam_r.c

+ 1 - 1
src/passwd/getspnam_r.c
Ver ficheiro 

@@ -98,7 +98,7 @@ int getspnam_r(const char *name, struct spwd *sp, char *buf, size_t size, struct
 
 
 	pthread_cleanup_push(cleanup, f);
 
 	while (fgets(buf, size, f) && (k=strlen(buf))>0) {
 
-		if (skip || strncmp(name, buf, l)) {
 
+		if (skip || strncmp(name, buf, l) || buf[l]!=':') {
 
 			skip = buf[k-1] != '\n';
 
 			continue;
 
 		}