use fgetln() instead of fgets() so that we can catch \0 in the .rhosts

file. Thanks to fc@parkone.ci.oakland.ca.us for lots of testing and diagnosis help.
author: deraadt <> 1998-02-11 05:28:52 +0000
committer: deraadt <> 1998-02-11 05:28:52 +0000
commit: cf804860dbbf96ec70fd7e2eeb9cdbe0c86a0f49 (patch)
tree: 21ec71773380b6b5288b4569cf317556574dd7ed
parent: 997296bac15a2a4180e500b0722d1b6060a0dc87 (diff)
download: openbsd-cf804860dbbf96ec70fd7e2eeb9cdbe0c86a0f49.tar.gz
openbsd-cf804860dbbf96ec70fd7e2eeb9cdbe0c86a0f49.tar.bz2
openbsd-cf804860dbbf96ec70fd7e2eeb9cdbe0c86a0f49.zip
1 files changed, 14 insertions, 13 deletions
diff --git a/src/lib/libc/net/rcmd.c b/src/lib/libc/net/rcmd.c
index 9db161e96d..33fe60452c 100644
--- a/src/lib/libc/net/rcmd.c
+++ b/src/lib/libc/net/rcmd.c
@@ -34,7 +34,7 @@
 */
 #if defined(LIBC_SCCS) && !defined(lint)
-static char *rcsid = "$OpenBSD: rcmd.c,v 1.27 1998/02/11 02:26:15 deraadt Exp $";
+static char *rcsid = "$OpenBSD: rcmd.c,v 1.28 1998/02/11 05:28:52 deraadt Exp $";
 #endif /* LIBC_SCCS and not lint */
 #include <sys/param.h>
@@ -403,39 +403,37 @@ __ivaliduser(hostf, raddrl, luser, ruser)
 {
        register char *user, *p;
        int ch;
-        char buf[MAXHOSTNAMELEN + 128];         /* host + login */
+        char *buf;
        const char *auser, *ahost;
        int hostok, userok;
        char *rhost = (char *)-1;
        char domain[MAXHOSTNAMELEN];
        u_int32_t raddr = (u_int32_t)raddrl;
+        size_t buflen;
        getdomainname(domain, sizeof(domain));
-        while (fgets(buf, sizeof(buf), hostf)) {
+        while ((buf = fgetln(hostf, &buflen))) {
                p = buf;
-                /* Skip lines that are too long. */
-                if (strchr(p, '\n') == NULL) {
-                        while ((ch = getc(hostf)) != '\n' && ch != EOF)
-                                if (!isprint(ch))
-                                        goto bail;
-                        continue;
-                }
                if (*p == '#')
                        continue;
-                while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') {
+                while (*p != '\n' && *p != ' ' && *p != '\t' && p < buf + buflen) {
                        if (!isprint(*p))
                                goto bail;
                        *p = isupper(*p) ? tolower(*p) : *p;
                        p++;
                }
+                if (p >= buf + buflen)
+                        continue;
                if (*p == ' ' || *p == '\t') {
                        *p++ = '\0';
-                        while (*p == ' ' || *p == '\t')
+                        while (*p == ' ' || *p == '\t' && p < buf + buflen)
                                p++;
+                        if (p >= buf + buflen)
+                                continue;
                        user = p;
                        while (*p != '\n' && *p != ' ' &&
-                            *p != '\t' && *p != '\0') {
+                            *p != '\t' && p < buf + buflen) {
                                if (!isprint(*p))
                                        goto bail;
                                p++;
@@ -450,6 +448,9 @@ __ivaliduser(hostf, raddrl, luser, ruser)
                auser = *user ? user : luser;
                ahost = buf;
+                if (strlen(ahost) > MAXHOSTNAMELEN)
+                        continue;
                /*
                 * innetgr() must lookup a hostname (we do not attempt
                 * to change the semantics so that netgroups may have
author	deraadt <>	1998-02-11 05:28:52 +0000
committer	deraadt <>	1998-02-11 05:28:52 +0000
commit	cf804860dbbf96ec70fd7e2eeb9cdbe0c86a0f49 (patch)
tree	21ec71773380b6b5288b4569cf317556574dd7ed
parent	997296bac15a2a4180e500b0722d1b6060a0dc87 (diff)
download	openbsd-cf804860dbbf96ec70fd7e2eeb9cdbe0c86a0f49.tar.gz openbsd-cf804860dbbf96ec70fd7e2eeb9cdbe0c86a0f49.tar.bz2 openbsd-cf804860dbbf96ec70fd7e2eeb9cdbe0c86a0f49.zip