Fix potential strcmp() overflow, better packed struct for pipe

author: Simon Rettberg 2020-10-08 12:24:06 +0200
committer: Simon Rettberg 2020-10-08 12:24:06 +0200
commit: b79d2f21e8f9c0d31568e82b77004a9bbe3b8be3 (patch)
tree: dfe3e688b35372711c0a4637f27d229ad04c05dc
parent: Tweak session killing, don't try login process right away (diff)
download: idle-daemon-b79d2f21e8f9c0d31568e82b77004a9bbe3b8be3.tar.gz
idle-daemon-b79d2f21e8f9c0d31568e82b77004a9bbe3b8be3.tar.xz
idle-daemon-b79d2f21e8f9c0d31568e82b77004a9bbe3b8be3.zip
2 files changed, 11 insertions, 10 deletions
diff --git a/src/rpc.c b/src/rpc.c
index 9345876..28e4b2e 100644
--- a/src/rpc.c
+++ b/src/rpc.c
@@ -18,15 +18,16 @@
 
 #define SOCKPATH "/run/idle-daemon"
 
-#pragma pack(1)
-static struct {
-    int read;
-    int write;
+static union {
+    struct __attribute__((packed)) {
+        int read;
+        int write;
+    };
+    int array[2];
 } rpcPipe = {
     .read = -1,
     .write = -1,
 };
-#pragma pack(0)
 
 _Static_assert( sizeof(rpcPipe) == ( sizeof(int) * 2 ), "Structsize mismatch" );
 
@@ -56,7 +57,7 @@ int rpc_open( void )
         return -1;
     }
     if ( rpcPipe.write == -1 && rpcPipe.read == -1 ) {
-        if ( pipe2( (int*)&rpcPipe, O_DIRECT ) == -1 ) {
+        if ( pipe2( rpcPipe.array, O_DIRECT ) == -1 ) {
             perror( "Cannot create local RPC pipe" );
         } else {
             // Read end nonblocking
diff --git a/src/userlist.c b/src/userlist.c
index 4b03959..1f65eb5 100644
--- a/src/userlist.c
+++ b/src/userlist.c
@@ -84,8 +84,8 @@ int getUserList( struct user *outbuf, int size )
             for ( int j = 0; j < deadzone; ++j ) {
                 if ( outbuf[j].user[0] != '\0' && strcmp( outbuf[j].display, u->ut_host ) == 0 ) {
                     if ( outbuf[j].sessionLeader == u->ut_pid
-                            && strcmp( outbuf[j].user, u->ut_user ) == 0
-                            && strcmp( outbuf[j].device, u->ut_line ) == 0 ) {
+                            && strncmp( outbuf[j].user, u->ut_user, UT_NAMESIZE ) == 0
+                            && strncmp( outbuf[j].device, u->ut_line, UT_LINESIZE ) == 0 ) {
                         use = j;
                         break;
                     }
@@ -111,8 +111,8 @@ int getUserList( struct user *outbuf, int size )
                         use = j;
                     }
                 } else if ( outbuf[j].sessionLeader == u->ut_pid
-                        && strcmp( outbuf[j].user, u->ut_user ) == 0
-                        && strcmp( outbuf[j].device, u->ut_line ) == 0 ) {
+                        && strncmp( outbuf[j].user, u->ut_user, UT_NAMESIZE ) == 0
+                        && strncmp( outbuf[j].device, u->ut_line, UT_LINESIZE ) == 0 ) {
                     use = j;
                     break;
                 }
author	Simon Rettberg	2020-10-08 12:24:06 +0200
committer	Simon Rettberg	2020-10-08 12:24:06 +0200
commit	b79d2f21e8f9c0d31568e82b77004a9bbe3b8be3 (patch)
tree	dfe3e688b35372711c0a4637f27d229ad04c05dc
parent	Tweak session killing, don't try login process right away (diff)
download	idle-daemon-b79d2f21e8f9c0d31568e82b77004a9bbe3b8be3.tar.gz idle-daemon-b79d2f21e8f9c0d31568e82b77004a9bbe3b8be3.tar.xz idle-daemon-b79d2f21e8f9c0d31568e82b77004a9bbe3b8be3.zip