shadow/lib
Alejandro Colomar 220b352b70 Use strlcpy(3) instead of its pattern
-  Since strncpy(3) is not designed to write strings, but rather
   (null-padded) character sequences (a.k.a. unterminated strings), we
   had to manually append a '\0'.  strlcpy(3) creates strings, so they
   are always terminated.  This removes dependencies between lines, and
   also removes chances of accidents.

-  Repurposing strncpy(3) to create strings requires calculating the
   location of the terminating null byte, which involves a '-1'
   calculation.  This is a source of off-by-one bugs.  The new code has
   no '-1' calculations, so there's almost-zero chance of these bugs.

-  strlcpy(3) doesn't padd with null bytes.  Padding is relevant when
   writing fixed-width buffers to binary files, when interfacing certain
   APIs (I believe utmpx requires null padding at lease in some
   systems), or when sending them to other processes or through the
   network.  This is not the case, so padding is effectively ignored.

-  strlcpy(3) requires that the input string is really a string;
   otherwise it crashes (SIGSEGV).  Let's check if the input strings are
   really strings:

   -  lib/fields.c:
      -  'cp' was assigned from 'newft', and 'newft' comes from fgets(3).

   -  lib/gshadow.c:
      -  strlen(string) is calculated a few lines above.

   -  libmisc/console.c:
      -  'cons' comes from getdef_str, which is a bit cryptic, but seems
         to generate strings, I guess.1

   -  libmisc/date_to_str.c:
      -  It receives a string literal.  :)

   -  libmisc/utmp.c:
      -  'tname' comes from ttyname(3), which returns a string.

   -  src/su.c:
      -  'tmp_name' has been passed to strcmp(3) a few lines above.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
2022-12-22 18:03:39 -06:00
..
.indent.pro [svn-upgrade] Integrating new upstream version, shadow (4.0.8) 2007-10-07 11:46:07 +00:00
commonio.c Assume fsync(2) exists 2022-12-15 16:22:05 -06:00
commonio.h Update licensing info 2021-12-23 19:36:50 -06:00
defines.h Remove USE_SYSLOG preprocessor conditional, which was always defined 2022-12-22 11:44:36 +01:00
encrypt.c Merge pull request #451 from hallyn/2021-12-05/license 2022-01-02 18:38:42 -06:00
exitcodes.h Update licensing info 2021-12-23 19:36:50 -06:00
faillog.h Update licensing info 2021-12-23 19:36:50 -06:00
fields.c Use strlcpy(3) instead of its pattern 2022-12-22 18:03:39 -06:00
fputsx.c Update licensing info 2021-12-23 19:36:50 -06:00
get_gid.c Update licensing info 2021-12-23 19:36:50 -06:00
get_pid.c Update licensing info 2021-12-23 19:36:50 -06:00
get_uid.c Update licensing info 2021-12-23 19:36:50 -06:00
getdef.c Remove USE_SYSLOG preprocessor conditional, which was always defined 2022-12-22 11:44:36 +01:00
getdef.h Update licensing info 2021-12-23 19:36:50 -06:00
getlong.c Update licensing info 2021-12-23 19:36:50 -06:00
getulong.c Update licensing info 2021-12-23 19:36:50 -06:00
groupio.c Don't test for NULL before calling free(3) 2022-09-29 16:03:53 +02:00
groupio.h Update licensing info 2021-12-23 19:36:50 -06:00
groupmem.c lib: use strzero where applicable 2022-09-27 16:52:06 +02:00
gshadow_.h Update licensing info 2021-12-23 19:36:50 -06:00
gshadow.c Use strlcpy(3) instead of its pattern 2022-12-22 18:03:39 -06:00
lockpw.c Don't redefine errno(3) 2022-12-22 11:43:29 +01:00
Makefile.am build: include lib/shadowlog_internal.h in dist tarballs 2022-01-02 21:06:36 -06:00
nscd.c Don't redefine errno(3) 2022-12-22 11:43:29 +01:00
nscd.h * configure.in, lib/nscd.h, lib/nscd.c: Added --with-nscd flag to 2008-08-30 18:30:36 +00:00
nss.c Don't warn when failed to open /etc/nsswitch.conf 2022-11-08 10:18:17 -06:00
pam_defs.h Update licensing info 2021-12-23 19:36:50 -06:00
port.c Update licensing info 2021-12-23 19:36:50 -06:00
port.h Update licensing info 2021-12-23 19:36:50 -06:00
prototypes.h Disable utmpx permanently 2022-12-22 10:31:43 +01:00
pwauth.c Don't redefine errno(3) 2022-12-22 11:43:29 +01:00
pwauth.h Add header guards 2022-05-24 07:49:11 -05:00
pwio.c Raise limit for passwd and shadow entry length 2022-10-14 10:41:40 +02:00
pwio.h Update licensing info 2021-12-23 19:36:50 -06:00
pwmem.c lib: use strzero where applicable 2022-09-27 16:52:06 +02:00
run_part.c Initialize local variables 2022-05-24 07:49:11 -05:00
run_part.h Add header guards 2022-05-24 07:49:11 -05:00
selinux.c Don't redefine errno(3) 2022-12-22 11:43:29 +01:00
semanage.c Don't redefine errno(3) 2022-12-22 11:43:29 +01:00
sgetgrent.c Don't test for NULL before calling free(3) 2022-09-29 16:03:53 +02:00
sgetpwent.c Raise limit for passwd and shadow entry length 2022-10-14 10:41:40 +02:00
sgetspent.c Don't redefine errno(3) 2022-12-22 11:43:29 +01:00
sgroupio.c Don't redefine errno(3) 2022-12-22 11:43:29 +01:00
sgroupio.h Update licensing info 2021-12-23 19:36:50 -06:00
shadow.c Don't redefine errno(3) 2022-12-22 11:43:29 +01:00
shadowio.c Raise limit for passwd and shadow entry length 2022-10-14 10:41:40 +02:00
shadowio.h Update licensing info 2021-12-23 19:36:50 -06:00
shadowlog_internal.h Add header guards 2022-05-24 07:49:11 -05:00
shadowlog.c lib: provide default values for shadow_progname/shadow_logfd 2021-12-27 16:28:23 +00:00
shadowlog.h Drop obsolete prototype for log_dolog() 2022-08-06 11:27:56 -05:00
shadowmem.c lib: use strzero where applicable 2022-09-27 16:52:06 +02:00
spawn.c Merge pull request #451 from hallyn/2021-12-05/license 2022-01-02 18:38:42 -06:00
sssd.c Don't redefine errno(3) 2022-12-22 11:43:29 +01:00
sssd.h Flush sssd caches in addition to nscd caches 2018-09-13 14:20:02 +02:00
subordinateio.c Don't redefine errno(3) 2022-12-22 11:43:29 +01:00
subordinateio.h fix newusers when nss provides subids 2021-05-23 08:16:16 -05:00
tcbfuncs.c Don't test for NULL before calling free(3) 2022-09-29 16:03:53 +02:00
tcbfuncs.h * lib/tcbfuncs.h: Re-indent. 2010-03-18 19:23:00 +00:00
utent.c Don't redefine errno(3) 2022-12-22 11:43:29 +01:00