luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2025-08-01 15:03:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

gutils: Avoid segfault in g_get_user_database_entry

Browse Source 
g_get_user_database_entry() uses variable pwd to store the contents of
the call to getpwnam_r(), then capitalises the first letter of pw_name
with g_ascii_toupper (pw->pw_name[0]).

However, as per the getpwnam manpage, the result of that call "may point
to a static area". When this happens, GLib is trying to edit static
memory which belongs to a shared library, so segfaults.

Instead, copy pw_name off to a temporary variable, set uppercase on
that variable, and use the variable to join into the desired string.
Free the new variable after it is no longer needed.

Signed-off-by: Jamie Bainbridge <jamie.bainbridge@gmail.com>
This commit is contained in:
Jamie Bainbridge
2021-09-08 12:08:17 +10:00
committed by Michael Catanzaro
parent 63d0e9750e
commit ffc00caa73
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
glib/gutils.c
View File

@@ -685,14 +685,17 @@ g_get_user_database_entry (void)
{ {
gchar **gecos_fields; gchar **gecos_fields;
gchar **name_parts; gchar **name_parts;
gchar *uppercase_pw_name;
/* split the gecos field and substitute '&' */ /* split the gecos field and substitute '&' */
gecos_fields = g_strsplit (pw->pw_gecos, ",", 0); gecos_fields = g_strsplit (pw->pw_gecos, ",", 0);
name_parts = g_strsplit (gecos_fields[0], "&", 0); name_parts = g_strsplit (gecos_fields[0], "&", 0);
pw->pw_name[0] = g_ascii_toupper (pw->pw_name[0]); uppercase_pw_name = g_strdup (pw->pw_name);
e.real_name = g_strjoinv (pw->pw_name, name_parts); uppercase_pw_name[0] = g_ascii_toupper (uppercase_pw_name[0]);
e.real_name = g_strjoinv (uppercase_pw_name, name_parts);
g_strfreev (gecos_fields); g_strfreev (gecos_fields);
g_strfreev (name_parts); g_strfreev (name_parts);
g_free (uppercase_pw_name);
} }
#endif #endif