diff options
author | Sami Kerola | 2019-01-13 20:48:59 +0100 |
---|---|---|
committer | Sami Kerola | 2019-01-13 21:00:38 +0100 |
commit | b22332dd4f0042e9fc7248aa918b991d684d8f28 (patch) | |
tree | d83f99a60a421e702573c721d8488dff2cbb3de9 /login-utils | |
parent | login: add support for login.defs(5) LASTLOG_UID_MAX (diff) | |
download | kernel-qcow2-util-linux-b22332dd4f0042e9fc7248aa918b991d684d8f28.tar.gz kernel-qcow2-util-linux-b22332dd4f0042e9fc7248aa918b991d684d8f28.tar.xz kernel-qcow2-util-linux-b22332dd4f0042e9fc7248aa918b991d684d8f28.zip |
last: fix wtmp user name buffer overflow [asan]
Ensure utmp user name field is null terminated. Without that getpwnam() can
buffer overflow, when wtmp file is malformed.
Addresses: https://github.com/karelzak/util-linux/issues/715
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Diffstat (limited to 'login-utils')
-rw-r--r-- | login-utils/last.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/login-utils/last.c b/login-utils/last.c index 6b25efd4c..be744b079 100644 --- a/login-utils/last.c +++ b/login-utils/last.c @@ -600,6 +600,7 @@ static int is_phantom(const struct last_control *ctl, struct utmpx *ut) if (ut->ut_tv.tv_sec < ctl->boot_time.tv_sec) return 1; + ut->ut_user[__UT_NAMESIZE - 1] = '\0'; pw = getpwnam(ut->ut_user); if (!pw) return 1; |