diff options
| author | Rich Felker <dalias@aerifal.cx> | 2015-01-21 14:26:05 -0500 |
|---|---|---|
| committer | Rich Felker <dalias@aerifal.cx> | 2015-01-21 14:26:05 -0500 |
| commit | ecb608192a48d3688e1a0a21027bfd968d3301a1 (patch) | |
| tree | c56eed67b272ceece3e6787e8bdba1f6aca7df04 /src | |
| parent | 63cac4e29a61487423f63bed9150aa9aec906823 (diff) | |
| download | musl-ecb608192a48d3688e1a0a21027bfd968d3301a1.tar.gz musl-ecb608192a48d3688e1a0a21027bfd968d3301a1.tar.bz2 musl-ecb608192a48d3688e1a0a21027bfd968d3301a1.tar.xz musl-ecb608192a48d3688e1a0a21027bfd968d3301a1.zip | |
fix erroneous return of partial username matches by getspnam[_r]
when using /etc/shadow (rather than tcb) as its backend, getspnam_r
matched any username starting with the caller-provided string rather
than requiring an exact match. in practice this seems to have affected
only systems where one valid username is a prefix for another valid
username, and where the longer username appears first in the shadow
file.
Diffstat (limited to 'src')
| -rw-r--r-- | src/passwd/getspnam_r.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/passwd/getspnam_r.c b/src/passwd/getspnam_r.c index 15f8c87b..92339528 100644 --- a/src/passwd/getspnam_r.c +++ b/src/passwd/getspnam_r.c @@ -98,7 +98,7 @@ int getspnam_r(const char *name, struct spwd *sp, char *buf, size_t size, struct pthread_cleanup_push(cleanup, f); while (fgets(buf, size, f) && (k=strlen(buf))>0) { - if (skip || strncmp(name, buf, l)) { + if (skip || strncmp(name, buf, l) || buf[l]!=':') { skip = buf[k-1] != '\n'; continue; } |