Fix su(1) silent truncation
* src/su.c (check_perms): Do not silently truncate user name. Reported-by: Paul Eggert <eggert@cs.ucla.edu> Co-developed-by: Paul Eggert <eggert@cs.ucla.edu> Signed-off-by: Alejandro Colomar <alx@kernel.org> Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
This commit is contained in:
parent
1d7d94ed7d
commit
4c210a29bc
8
src/su.c
8
src/su.c
@ -658,7 +658,13 @@ static /*@only@*/struct passwd * check_perms (void)
|
|||||||
SYSLOG ((LOG_INFO,
|
SYSLOG ((LOG_INFO,
|
||||||
"Change user from '%s' to '%s' as requested by PAM",
|
"Change user from '%s' to '%s' as requested by PAM",
|
||||||
name, tmp_name));
|
name, tmp_name));
|
||||||
strlcpy (name, tmp_name, sizeof(name));
|
if (strlcpy (name, tmp_name, sizeof(name)) >= sizeof(name)) {
|
||||||
|
fprintf (stderr, _("Overlong user name '%s'\n"),
|
||||||
|
tmp_name);
|
||||||
|
SYSLOG ((LOG_NOTICE, "Overlong user name '%s'",
|
||||||
|
tmp_name));
|
||||||
|
su_failure (caller_tty, true);
|
||||||
|
}
|
||||||
pw = xgetpwnam (name);
|
pw = xgetpwnam (name);
|
||||||
if (NULL == pw) {
|
if (NULL == pw) {
|
||||||
(void) fprintf (stderr,
|
(void) fprintf (stderr,
|
||||||
|
Loading…
Reference in New Issue
Block a user