diff options
author | marcel <marcel@FreeBSD.org> | 2014-04-05 18:14:58 +0000 |
---|---|---|
committer | marcel <marcel@FreeBSD.org> | 2014-04-05 18:14:58 +0000 |
commit | 444c6d535441b4e9fa84e03b16c59fd1345459b8 (patch) | |
tree | bf4f566055f0ec2b6262a037a859339198072384 /lib | |
parent | 60abae8fbc37dbd0767e5360b9ae49fb2109a1b8 (diff) | |
download | FreeBSD-src-444c6d535441b4e9fa84e03b16c59fd1345459b8.zip FreeBSD-src-444c6d535441b4e9fa84e03b16c59fd1345459b8.tar.gz |
The getlogin_basic() function can return a 0 status with a NULL
pointer for the login name (result). Make sure to handle that
case properly. Improve robustness by checking namelen and then
nul-terminating the provided buffer to simplify subsequent logic.
Obtained from: Juniper Networks, Inc.
MFC after: 1 week
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libc/gen/getlogin.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/lib/libc/gen/getlogin.c b/lib/libc/gen/getlogin.c index 4dab3cb..7ab4cba 100644 --- a/lib/libc/gen/getlogin.c +++ b/lib/libc/gen/getlogin.c @@ -87,11 +87,16 @@ getlogin_r(char *logname, int namelen) char *result; int len; int status; - + + if (namelen < 1) + return (ERANGE); + logname[0] = '\0'; + THREAD_LOCK(); result = getlogin_basic(&status); - if (status == 0) { - if ((len = strlen(result) + 1) > namelen) + if (status == 0 && result != NULL) { + len = strlen(result) + 1; + if (len > namelen) status = ERANGE; else strncpy(logname, result, len); |