diff options
| author | moritz <> | 2007-09-17 07:07:23 +0000 |
|---|---|---|
| committer | moritz <> | 2007-09-17 07:07:23 +0000 |
| commit | 3ab3f58d7eccade2ef00c9133279fba03789b644 (patch) | |
| tree | d4329a46b03500e8c50270a7eaecd25743280643 | |
| parent | 7d5b184dfeffc97ef2187f8913f1cda2de0a74b0 (diff) | |
| download | openbsd-3ab3f58d7eccade2ef00c9133279fba03789b644.tar.gz openbsd-3ab3f58d7eccade2ef00c9133279fba03789b644.tar.bz2 openbsd-3ab3f58d7eccade2ef00c9133279fba03789b644.zip | |
Check snprintf(3) return value for error or truncation.
Mostly path construction, where truncation could be bad.
ok and input from deraadt@ millert@ ray@
| -rw-r--r-- | src/lib/libc/net/rcmd.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/lib/libc/net/rcmd.c b/src/lib/libc/net/rcmd.c index e2b9199492..30ca6710c4 100644 --- a/src/lib/libc/net/rcmd.c +++ b/src/lib/libc/net/rcmd.c | |||
| @@ -382,10 +382,14 @@ again: | |||
| 382 | (void)fclose(hostf); | 382 | (void)fclose(hostf); |
| 383 | } | 383 | } |
| 384 | if (first == 1 && (__check_rhosts_file || superuser)) { | 384 | if (first == 1 && (__check_rhosts_file || superuser)) { |
| 385 | int len; | ||
| 386 | |||
| 385 | first = 0; | 387 | first = 0; |
| 386 | if ((pwd = getpwnam(luser)) == NULL) | 388 | if ((pwd = getpwnam(luser)) == NULL) |
| 387 | return (-1); | 389 | return (-1); |
| 388 | snprintf(pbuf, sizeof pbuf, "%s/.rhosts", pwd->pw_dir); | 390 | len = snprintf(pbuf, sizeof pbuf, "%s/.rhosts", pwd->pw_dir); |
| 391 | if (len < 0 || len >= sizeof pbuf) | ||
| 392 | return (-1); | ||
| 389 | 393 | ||
| 390 | /* | 394 | /* |
| 391 | * Change effective uid while opening .rhosts. If root and | 395 | * Change effective uid while opening .rhosts. If root and |