login: prevent OOB read on illegal /etc/hushlogins

If the file /etc/hushlogins exists and a line starts with '\0', the login tools are prone to an off-by-one read. I see no reliability issue with this, as it would clearly need a hostile action from a system administrator. But for the sake of correctness, I've sent this patch nonetheless.
author: Tobias Stoeckmann 2017-03-12 17:49:45 +0100
committer: Karel Zak 2017-03-13 12:46:49 +0100
commit: b0f97de5a4ab62de55984651a6723acfff6917ae (patch)
tree: 6c8fb05b42a938c8beb95996750a2c10519df467 /login-utils/logindefs.c
parent: libblkid: Fix blkid.conf parsing (diff)
download: kernel-qcow2-util-linux-b0f97de5a4ab62de55984651a6723acfff6917ae.tar.gz
kernel-qcow2-util-linux-b0f97de5a4ab62de55984651a6723acfff6917ae.tar.xz
kernel-qcow2-util-linux-b0f97de5a4ab62de55984651a6723acfff6917ae.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/login-utils/logindefs.c b/login-utils/logindefs.c
index f02c4752d..213ff8d25 100644
--- a/login-utils/logindefs.c
+++ b/login-utils/logindefs.c
@@ -344,7 +344,8 @@ int get_hushlogin_status(struct passwd *pwd, int force_check)
 				continue;	/* ignore errors... */
 
 			while (ok == 0 && fgets(buf, sizeof(buf), f)) {
-				buf[strlen(buf) - 1] = '\0';
+				if (buf[0] != '\0')
+					buf[strlen(buf) - 1] = '\0';
 				ok = !strcmp(buf, *buf == '/' ? pwd->pw_shell :
 								pwd->pw_name);
 			}
author	Tobias Stoeckmann	2017-03-12 17:49:45 +0100
committer	Karel Zak	2017-03-13 12:46:49 +0100
commit	b0f97de5a4ab62de55984651a6723acfff6917ae (patch)
tree	6c8fb05b42a938c8beb95996750a2c10519df467 /login-utils/logindefs.c
parent	libblkid: Fix blkid.conf parsing (diff)
download	kernel-qcow2-util-linux-b0f97de5a4ab62de55984651a6723acfff6917ae.tar.gz kernel-qcow2-util-linux-b0f97de5a4ab62de55984651a6723acfff6917ae.tar.xz kernel-qcow2-util-linux-b0f97de5a4ab62de55984651a6723acfff6917ae.zip