Date: Fri, 6 May 2005 18:20:07 GMT From: Bruce Evans <bde@zeta.org.au> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/80687: [patch] Missing NULL termination after strncpy() in login(1) Message-ID: <200505061820.j46IK7Kr028639@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/80687; it has been noted by GNATS. From: Bruce Evans <bde@zeta.org.au> To: Przemyslaw Frasunek <venglin@freebsd.lublin.pl> Cc: FreeBSD-gnats-submit@FreeBSD.org, freebsd-bugs@FreeBSD.org Subject: Re: bin/80687: [patch] Missing NULL termination after strncpy() in login(1) Date: Sat, 7 May 2005 04:18:34 +1000 (EST) On Fri, 6 May 2005, Przemyslaw Frasunek wrote: >> Description: > Similar to bin/80661 >> How-To-Repeat: > N/A >> Fix: > --- usr.bin/login/login.c.old Fri May 6 11:20:19 2005 > +++ usr.bin/login/login.c Fri May 6 11:20:36 2005 > @@ -512,10 +512,10 @@ > /* Nothing else left to fail -- really log in. */ > memset((void *)&utmp, 0, sizeof(utmp)); > (void)time(&utmp.ut_time); > - (void)strncpy(utmp.ut_name, username, sizeof(utmp.ut_name)); > + (void)strlcpy(utmp.ut_name, username, sizeof(utmp.ut_name)); > if (hostname) > - (void)strncpy(utmp.ut_host, hostname, sizeof(utmp.ut_host)); > - (void)strncpy(utmp.ut_line, tty, sizeof(utmp.ut_line)); > + (void)strlcpy(utmp.ut_host, hostname, sizeof(utmp.ut_host)); > + (void)strlcpy(utmp.ut_line, tty, sizeof(utmp.ut_line)); > login(&utmp); > > dolastlog(quietlog); The utmp names are apparently not strings, so teminating them just breaks recording of some names that work now. Everything (?) uses strn*() to access these names, so non-strings in them work. I logged in as a user with a 16-char username and least the following programs displayed it correctly: w who last ps The bug seems to be just that the non-stringness of the names is not documented. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200505061820.j46IK7Kr028639>