[v2] cuserid: support invocation with a NULL pointer argument

Submitted by Rich Felker on Feb. 13, 2021, 7:06 p.m.

Details

Message ID 20210213190634.GC11590@brightrain.aerifal.cx
State New
Series "cuserid: support invocation with a NULL pointer argument"
Headers show

Commit Message

Rich Felker Feb. 13, 2021, 7:06 p.m.
On Sun, Mar 22, 2020 at 11:05:57AM -0400, Rich Felker wrote:
> On Sun, Mar 22, 2020 at 10:51:56AM +0100, Sören Tempel wrote:
> > Sören Tempel <soeren@soeren-tempel.net> wrote:
> > > From my personal Alpine Linux packaging perspective: I would prefer
> > > either removing the function entirely or supporting the invocation with
> > > a NULL pointer argument. Currently, apps using this with a NULL pointer
> > > (e.g. cdparanoia) will crash at runtime which makes it more difficult to
> > > identify them. If the function would be removed entirely we would be
> > > able to detect, during compilation, which apps use it and patch them
> > > accordingly.
> > 
> > Ping.
> 
> Thanks. I'm trying to catch up on patches and I just confirmed your
> research, so I think the patch is correct. I'll apply soon.

Sorry for taking so long to get back to this. The function seems to
have been significantly broken on top of not supporting a null
argument. See attached three patches which I plan to push if there are
no stupid bugs in them.

Rich
From a75283d777ed1827ed247dbb465818a0ce371c8f Mon Sep 17 00:00:00 2001
From: Rich Felker <dalias@aerifal.cx>
Date: Sat, 13 Feb 2021 13:54:00 -0500
Subject: [PATCH 1/3] cuserid: don't return truncated results

checking the length also drops the need to pull in snprintf.
---
 src/legacy/cuserid.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

Patch hide | download patch | download mbox

diff --git a/src/legacy/cuserid.c b/src/legacy/cuserid.c
index fd7832e4..3ff115a1 100644
--- a/src/legacy/cuserid.c
+++ b/src/legacy/cuserid.c
@@ -2,6 +2,7 @@ 
 #include <pwd.h>
 #include <stdio.h>
 #include <unistd.h>
+#include <string.h>
 
 char *cuserid(char *buf)
 {
@@ -10,7 +11,10 @@  char *cuserid(char *buf)
 	long pwb[256];
 	if (getpwuid_r(geteuid(), &pw, (void *)pwb, sizeof pwb, &ppw))
 		return 0;
+	size_t len = strnlen(pw.pw_name, L_cuserid);
+	if (len == L_cuserid)
+		return 0;
 	if (!buf) buf = usridbuf;
-	snprintf(buf, L_cuserid, "%s", pw.pw_name);
+	memcpy(buf, pw.pw_name, len+1);
 	return buf;
 }