From d0a2512c90ba0643904f25de1b66ccfc86502617 Mon Sep 17 00:00:00 2001 From: millert <> Date: Tue, 24 Nov 2015 22:03:33 +0000 Subject: Use reentrant versions of getpw{nam,uid} and getgr{nam,gid} within libc to avoid reusing the static buffers returned by the non-reentrant versions. Since this is inside libc we can use constants for the buffer sizes instead of having to call sysconf(). OK guenther@ deraadt@ --- src/lib/libc/net/rcmdsh.c | 9 +++++---- src/lib/libc/net/ruserok.c | 8 +++++--- 2 files changed, 10 insertions(+), 7 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libc/net/rcmdsh.c b/src/lib/libc/net/rcmdsh.c index 5d468ff4c4..14275d414a 100644 --- a/src/lib/libc/net/rcmdsh.c +++ b/src/lib/libc/net/rcmdsh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rcmdsh.c,v 1.17 2015/11/01 03:45:29 guenther Exp $ */ +/* $OpenBSD: rcmdsh.c,v 1.18 2015/11/24 22:03:33 millert Exp $ */ /* * Copyright (c) 2001, MagniComp @@ -58,15 +58,16 @@ rcmdsh(char **ahost, int rport, const char *locuser, const char *remuser, struct hostent *hp; int sp[2]; pid_t cpid; - char *p; - struct passwd *pw; + char *p, pwbuf[_PW_BUF_LEN]; + struct passwd pwstore, *pw = NULL; /* What rsh/shell to use. */ if (rshprog == NULL) rshprog = _PATH_RSH; /* locuser must exist on this host. */ - if ((pw = getpwnam(locuser)) == NULL) { + getpwnam_r(locuser, &pwstore, pwbuf, sizeof(pwbuf), &pw); + if (pw == NULL) { (void) fprintf(stderr, "rcmdsh: unknown user: %s\n", locuser); return(-1); } diff --git a/src/lib/libc/net/ruserok.c b/src/lib/libc/net/ruserok.c index 88c89ac40f..7dda9550a8 100644 --- a/src/lib/libc/net/ruserok.c +++ b/src/lib/libc/net/ruserok.c @@ -111,11 +111,11 @@ iruserok_sa(const void *raddr, int rlen, int superuser, const char *ruser, struct sockaddr *sa; char *cp; struct stat sbuf; - struct passwd *pwd; + struct passwd pwstore, *pwd; FILE *hostf; uid_t uid; int first; - char pbuf[PATH_MAX]; + char pbuf[PATH_MAX], pwbuf[_PW_BUF_LEN]; sa = (struct sockaddr *)raddr; first = 1; @@ -132,7 +132,9 @@ again: int len; first = 0; - if ((pwd = getpwnam(luser)) == NULL) + pwd = NULL; + getpwnam_r(luser, &pwstore, pwbuf, sizeof(pwbuf), &pwd); + if (pwd == NULL) return (-1); len = snprintf(pbuf, sizeof pbuf, "%s/.rhosts", pwd->pw_dir); if (len < 0 || len >= sizeof pbuf) -- cgit v1.2.3-55-g6feb