diff options
author | Mattias Andrée <maandree@kth.se> | 2021-03-24 12:19:45 +0100 |
---|---|---|
committer | Mattias Andrée <maandree@kth.se> | 2021-03-24 13:09:04 +0100 |
commit | 598d3c5a3daedace93b9fe4d6b5f0e7cf96ccd5e (patch) | |
tree | 9b51fe2ad825091993a6989902854cc11ae27be6 | |
parent | Fix support for long hostnames (diff) | |
download | asroot-1.1.4.tar.gz asroot-1.1.4.tar.bz2 asroot-1.1.4.tar.xz |
Fix a buf and a portability issue found by Jonathan Frech1.1.4
1)
Fix read of potententially uninitialised memory when reading hostname
This bug could cause the program to enter a loop and eventually die
because it cannot allocate memory.
2)
Instead of using execvpe(3) (non-standard), set environ and call
execvp(3). (This works because asroot does not change PATH.)
Signed-off-by: Mattias Andrée <maandree@kth.se>
-rw-r--r-- | asroot.c | 8 |
1 files changed, 5 insertions, 3 deletions
@@ -237,11 +237,11 @@ check_password(void) for (;;) { hostname = realloc(hostname, size *= 2); if (!hostname) { - fprintf(stderr, "%s: realloc %zu: %s\n", argv0, size, strerror(errno)); + fprintf(stderr, "%s: realloc1 %zu: %s\n", argv0, size, strerror(errno)); } *hostname = 0; if (!gethostname(hostname, size)) { - if (!hostname[size - 2]) + if (strnlen(hostname, size) < size - 1) break; } else if (errno != ENAMETOOLONG) { fprintf(stderr, "%s: gethostname %zu: %s\n", argv0, size, strerror(errno)); @@ -393,7 +393,9 @@ main(int argc, char *argv[]) exit(EXIT_ERROR); } - execvpe(argv[0], argv, new_environ ? new_environ : environ); + if (new_environ) + environ = new_environ; + execvp(argv[0], argv); fprintf(stderr, "%s: execvpe %s: %s\n", argv0, argv[0], strerror(errno)); return errno == ENOENT ? EXIT_NOENT : EXIT_EXEC; } |