* src/login.c: Use a dynamic buffer for usernames.

2008-09-20 19:44:12 +00:00 · 2008-09-20 19:44:12 +00:00 · 65e32d850c
commit 65e32d850c
parent 9f2ce12b28
2 changed files with 28 additions and 15 deletions
--- a/4
+++ b/4
@ -1,3 +1,7 @@
 2008-09-20  Nicolas François  <nicolas.francois@centraliens.net>
 	* src/login.c: Use a dynamic buffer for usernames.
 2008-09-20  Nicolas François  <nicolas.francois@centraliens.net>
 	* src/login.c: Existence of pam_user was already checked. pwd was
--- a/src/login.c
+++ b/src/login.c
@ -81,7 +81,7 @@ static pam_handle_t *pamh = NULL;
 char *Prog;
 static const char *hostname = "";
-static char username[32];
+static char *username = NULL;
 static int reason = PW_LOGIN;
 static struct passwd pwent;
@ -248,8 +248,6 @@ static void process_flags (int argc, char *const *argv)
 	int arg;
 	int flag;
 	username[0] = '\0';
 	/*
 	 * Check the flags for proper form. Every argument starting with
 	 * "-" must be exactly two characters long. This closes all the
@ -286,7 +284,7 @@ static void process_flags (int argc, char *const *argv)
 			}
 			fflg = true;
 			if (optarg) {
-				STRFCPY (username, optarg);
+				username = xstrdup (optarg);
 			}
 			break;
 		case 'h':
@ -332,11 +330,11 @@ static void process_flags (int argc, char *const *argv)
 	 *  Get the user name.
 	 */
 	if (optind < argc) {
-		if (rflg || (fflg && ('\0' != username[0]))) {
+		if (rflg || (fflg && (NULL != username))) {
 			usage ();
 		}
-		STRFCPY (username, argv[optind]);
+		username = xstrdup (argv[optind]);
 		strzero (argv[optind]);
 		++optind;
 	}
@ -529,10 +527,14 @@ int main (int argc, char **argv)
 		reason = PW_RLOGIN;
 	}
 #ifdef RLOGIN
-	if (   rflg
+	if (rflg) {
-	    && do_rlogin (hostname, username, sizeof username,
+		username = malloc (32 * sizeof char);
-	                  term, sizeof term)) {
+		if (do_rlogin (hostname, username, 32, term, sizeof term)) {
 			preauth_flag = true;
 		} else {
 			free (username);
 			username = NULL;
 		}
 	}
 #endif
@ -813,16 +815,22 @@ int main (int argc, char **argv)
 #else				/* ! USE_PAM */
 	while (true) {	/* repeatedly get login/password pairs */
 		failed = false;	/* haven't failed authentication yet */
-		if ('\0' == username[0]) {	/* need to get a login id */
+		if (NULL == username) {	/* need to get a login id */
 			if (subroot) {
 				closelog ();
 				exit (1);
 			}
 			preauth_flag = false;
-			login_prompt (_("\n%s login: "), username,
+			username = malloc (32);
-			              sizeof username);
+			login_prompt (_("\n%s login: "), username, 32);
 			if ('\0' == username) {
 				/* Prompt for a new login */
 				free (username);
 				username = NULL;
 				continue;
 			}
 		}
 		pwd = xgetpwnam (username);
 		if (NULL == pwd) {
@ -953,7 +961,8 @@ int main (int argc, char **argv)
 			failent.ut_type = USER_PROCESS;
 			failtmp (&failent);
 		}
-		memzero (username, sizeof username);
+		free (username);
 		username = NULL;
 		retries--;
 		if (retries <= 0) {