From owner-freebsd-arch@freebsd.org  Sun May 15 23:07:23 2016
Return-Path: <owner-freebsd-arch@freebsd.org>
Delivered-To: freebsd-arch@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 35E17B3C32E
 for <freebsd-arch@mailman.ysv.freebsd.org>;
 Sun, 15 May 2016 23:07:23 +0000 (UTC)
 (envelope-from truckman@FreeBSD.org)
Received: from gw.catspoiler.org (unknown [IPv6:2602:304:b010:ef20::f2])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "gw.catspoiler.org", Issuer "gw.catspoiler.org" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 03AF017B6
 for <freebsd-arch@FreeBSD.org>; Sun, 15 May 2016 23:07:22 +0000 (UTC)
 (envelope-from truckman@FreeBSD.org)
Received: from FreeBSD.org (mousie.catspoiler.org [192.168.101.2])
 by gw.catspoiler.org (8.15.2/8.15.2) with ESMTP id u4FN7Gtg069070
 for <freebsd-arch@FreeBSD.org>; Sun, 15 May 2016 16:07:20 -0700 (PDT)
 (envelope-from truckman@FreeBSD.org)
Message-Id: <201605152307.u4FN7Gtg069070@gw.catspoiler.org>
Date: Sun, 15 May 2016 16:07:16 -0700 (PDT)
From: Don Lewis <truckman@FreeBSD.org>
Subject: is ut_user[] in struct utmpx NUL terminated?
To: freebsd-arch@FreeBSD.org
MIME-Version: 1.0
Content-Type: TEXT/plain; charset=us-ascii
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-arch>,
 <mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch/>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
 <mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 15 May 2016 23:07:23 -0000

There is a lot of code that expects ut_user[] to be NUL terminated.
There is also a lot of code that sets ut_user[] using strncmp(), which
will not guarantee NUL termination of this field if the name is
sufficiently long.

This doesn't matter as long as user names are kept short enough, but
there doesn't seem to be any limit enforced by the passwd file format or
getpwent().