34 lines
1.1 KiB
Diff
34 lines
1.1 KiB
Diff
From aaa9e718c88d6916b003da7ebcfe38a3c88df8e6 Mon Sep 17 00:00:00 2001
|
||
From: Mohamed Maatallah <hotelsmaatallahrecemail@gmail.com>
|
||
Date: Sat, 24 May 2025 03:16:09 +0100
|
||
Subject: [PATCH] Update setpwnam.c
|
||
|
||
---
|
||
login-utils/setpwnam.c | 10 ++++++----
|
||
1 file changed, 6 insertions(+), 4 deletions(-)
|
||
|
||
diff --git a/login-utils/setpwnam.c b/login-utils/setpwnam.c
|
||
index 3e3c1abde..95e470b5a 100644
|
||
--- a/login-utils/setpwnam.c
|
||
+++ b/login-utils/setpwnam.c
|
||
@@ -126,10 +126,12 @@ int setpwnam(struct passwd *pwd, const char *prefix)
|
||
}
|
||
|
||
/* Is this the username we were sent to change? */
|
||
- if (!found && linebuf[namelen] == ':' &&
|
||
- !strncmp(linebuf, pwd->pw_name, namelen)) {
|
||
- /* Yes! So go forth in the name of the Lord and
|
||
- * change it! */
|
||
+ if (!found &&
|
||
+ strncmp(linebuf, pwd->pw_name, namelen) == 0 &&
|
||
+ strlen(linebuf) > namelen &&
|
||
+ linebuf[namelen] == ':') {
|
||
+ /* Yes! But this time let’s not walk past the end of the buffer
|
||
+ * in the name of the Lord, SUID, or anything else. */
|
||
if (putpwent(pwd, fp) < 0)
|
||
goto fail;
|
||
found = 1;
|
||
--
|
||
2.51.0
|
||
|