author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1998-02-11 05:28:53 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1998-02-11 05:28:53 +0000 |
commit | e4869e0613cb2ae48a186c899724a24be0c440b6 (patch) | |
tree | 11dc0baac04f8b1228edde959e6e58357faa2efd /lib/libc | |
parent | 27360c765c15081bfb5fd08a005769f103480ff7 (diff) |
use fgetln() instead of fgets() so that we can catch \0 in the .rhosts
file. Thanks to fc@parkone.ci.oakland.ca.us for lots of testing and
diagnosis help.
Diffstat (limited to 'lib/libc')
-rw-r--r-- | lib/libc/net/rcmd.c | 27 |
1 files changed, 14 insertions, 13 deletions
diff --git a/lib/libc/net/rcmd.c b/lib/libc/net/rcmd.c
index 9db161e96da..33fe60452ca 100644
--- a/lib/libc/net/rcmd.c
+++ b/lib/libc/net/rcmd.c
@@ -34,7 +34,7 @@
 */
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static char *rcsid = "$OpenBSD: rcmd.c,v 1.27 1998/02/11 02:26:15 deraadt Exp $";
+static char *rcsid = "$OpenBSD: rcmd.c,v 1.28 1998/02/11 05:28:52 deraadt Exp $";
 #endif /* LIBC_SCCS and not lint */
 
 #include <sys/param.h>
@@ -403,39 +403,37 @@ __ivaliduser(hostf, raddrl, luser, ruser)
 {
 register char *user, *p;
 int ch;
- char buf[MAXHOSTNAMELEN + 128]; /* host + login */
+ char *buf;
 const char *auser, *ahost;
 int hostok, userok;
 char *rhost = (char *)-1;
 char domain[MAXHOSTNAMELEN];
 u_int32_t raddr = (u_int32_t)raddrl;
+ size_t buflen;
 
 getdomainname(domain, sizeof(domain));
 
- while (fgets(buf, sizeof(buf), hostf)) {
+ while ((buf = fgetln(hostf, &buflen))) {
 p = buf;
- /* Skip lines that are too long. */
- if (strchr(p, '\n') == NULL) {
- while ((ch = getc(hostf)) != '\n' && ch != EOF)
- if (!isprint(ch))
- goto bail;
- continue;
- }
 if (*p == '#')
 continue;
- while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') {
+ while (*p != '\n' && *p != ' ' && *p != '\t' && p < buf + buflen) {
 if (!isprint(*p))
 goto bail;
 *p = isupper(*p) ? tolower(*p) : *p;
 p++;
 }
+ if (p >= buf + buflen)
+ continue;
 if (*p == ' ' || *p == '\t') {
 *p++ = '\0';
- while (*p == ' ' || *p == '\t')
+ while (*p == ' ' || *p == '\t' && p < buf + buflen)
 p++;
+ if (p >= buf + buflen)
+ continue;
 user = p;
 while (*p != '\n' && *p != ' ' &&
- *p != '\t' && *p != '\0') {
+ *p != '\t' && p < buf + buflen) {
 if (!isprint(*p))
 goto bail;
 p++;
@@ -450,6 +448,9 @@ __ivaliduser(hostf, raddrl, luser, ruser)
 auser = *user ? user : luser;
 ahost = buf;
 
+ if (strlen(ahost) > MAXHOSTNAMELEN)
+ continue;
+
 /*
 * innetgr() must lookup a hostname (we do not attempt
 * to change the semantics so that netgroups may have |
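Review bot: In the second hunk (`__ivaliduser`, @@ -403,39 +403,37 @@) the three rewritten scan loops read `*p` before testing `p < buf + buflen`, and fgetln() returns a buffer that is not NUL-terminated and whose last line may lack a newline, so each loop can read one byte past the end of the line. The whitespace-skipping loop has a second problem: `*p == ' ' || *p == '\t' && p < buf + buflen` parses as `*p == ' ' || (*p == '\t' && ...)`, so a run of spaces is not bounded at all. Put the bound first and parenthesise, e.g. `while (p < buf + buflen && (*p == ' ' || *p == '\t'))` and `while (p < buf + buflen && *p != '\n' && *p != ' ' && *p != '\t')`. `int ch;` also appears to be left unused once the getc() loop is removed, though the function body continues outside the hunk, so confirm before dropping it.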
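Review bot: In the third hunk (@@ -450,6 +448,9 @@) `strlen(ahost)` scans `buf`, which now comes from fgetln() and carries no terminator of its own, so the call is bounded only if the code between the hunks (not visible here) has always stored a `'\0'` inside the line before this point; the host-only path with no user field is the one to confirm. A comment would make that dependency explicit, e.g. `/* ahost was NUL-terminated in place above; fgetln() does not terminate the line */`. Also check whether `>` should be `>=`: `domain` in this function is declared `char domain[MAXHOSTNAMELEN]`, so a name of exactly MAXHOSTNAMELEN characters would not fit a buffer of that size together with its terminator.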