From owner-svn-src-all@FreeBSD.ORG Wed May 20 08:32:25 2009 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A0941106566B; Wed, 20 May 2009 08:32:25 +0000 (UTC) (envelope-from brian@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 8E3318FC12; Wed, 20 May 2009 08:32:25 +0000 (UTC) (envelope-from brian@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n4K8WPXs024469; Wed, 20 May 2009 08:32:25 GMT (envelope-from brian@svn.freebsd.org) Received: (from brian@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n4K8WPrM024468; Wed, 20 May 2009 08:32:25 GMT (envelope-from brian@svn.freebsd.org) Message-Id: <200905200832.n4K8WPrM024468@svn.freebsd.org> From: Brian Somers Date: Wed, 20 May 2009 08:32:25 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r192432 - head/usr.sbin/pwd_mkdb X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 May 2009 08:32:26 -0000 Author: brian Date: Wed May 20 08:32:25 2009 New Revision: 192432 URL: http://svn.freebsd.org/changeset/base/192432 Log: Verify that the username length is smaller than MAXLOGNAME when asked to verify a passwd file (pwd_mkdb -C). Entries with oversized usernames are still permitted when building the passwd database. When entries are >= MAXLOGNAME in length, they are correctly stored in passwd, pwd.db and spwd.db but are only correctly retrieved by getpwent*() and getpwuid*(). getpwnam*() truncates to MAXLOGNAME - 1 when reading from a file (breaking at least sh, tcsh and bash) and utilities such as su(1) check, complain and fail if the passed name is >= MAXLOGNAME in length. MFC after: 3 weeks Modified: head/usr.sbin/pwd_mkdb/pwd_mkdb.c Modified: head/usr.sbin/pwd_mkdb/pwd_mkdb.c ============================================================================== --- head/usr.sbin/pwd_mkdb/pwd_mkdb.c Wed May 20 07:31:11 2009 (r192431) +++ head/usr.sbin/pwd_mkdb/pwd_mkdb.c Wed May 20 08:32:25 2009 (r192432) @@ -204,7 +204,11 @@ main(int argc, char *argv[]) /* check only if password database is valid */ if (Cflag) { - for (cnt = 1; scan(fp, &pwd); ++cnt); + while (scan(fp, &pwd)) + if (!is_comment && strlen(pwd.pw_name) >= MAXLOGNAME) { + warnx("%s: username too long", pwd.pw_name); + exit(1); + } exit(0); }