From 4ad359ccc69ebfac5e6447562fca5a1741111324 Mon Sep 17 00:00:00 2001
From: Samanta Navarro <ferivoz@riseup.net>
Date: Tue, 23 May 2023 11:53:53 +0000
Subject: [PATCH] subsystem: Prevent endless loop

If a user has home directory "/" and login shell "*" then login and su
enter an endless loop by constantly switching to the next subsystem.

This could also be achieved with a layered approach so just checking
for "/" as home directory is not enough to protect against such a
misconfiguration.

Just break the loop if it progressed too far. I doubt that this has
negative impact on any real setup.

Signed-off-by: Samanta Navarro <ferivoz@riseup.net>
---
 libmisc/sub.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/libmisc/sub.c b/libmisc/sub.c
index d30c4c76..821596d1 100644
--- a/libmisc/sub.c
+++ b/libmisc/sub.c
@@ -15,8 +15,10 @@
 #include <sys/types.h>
 #include "prototypes.h"
 #include "defines.h"
+#define	MAX_SUBROOT2	"maximum subsystem depth reached\n"
 #define	BAD_SUBROOT2	"invalid root `%s' for user `%s'\n"
 #define	NO_SUBROOT2	"no subsystem root `%s' for user `%s'\n"
+#define	MAX_DEPTH	1024
 /*
  * subsystem - change to subsystem root
  *
@@ -27,6 +29,18 @@
  */
 void subsystem (const struct passwd *pw)
 {
+	static int depth = 0;
+
+	/*
+	 * Prevent endless loop on misconfigured systems.
+	 */
+	if (++depth > MAX_DEPTH) {
+		printf (_("Maximum subsystem depth reached\n"));
+		SYSLOG ((LOG_WARN, MAX_SUBROOT2));
+		closelog ();
+		exit (EXIT_FAILURE);
+	}
+
 	/*
 	 * The new root directory must begin with a "/" character.
 	 */