last: fix wtmp user name buffer overflow [asan]

Ensure utmp user name field is null terminated. Without that getpwnam() can buffer overflow, when wtmp file is malformed. Addresses: https://github.com/karelzak/util-linux/issues/715 Signed-off-by: Sami Kerola <kerolasa@iki.fi>
author: Sami Kerola 2019-01-13 20:48:59 +0100
committer: Sami Kerola 2019-01-13 21:00:38 +0100
commit: b22332dd4f0042e9fc7248aa918b991d684d8f28 (patch)
tree: d83f99a60a421e702573c721d8488dff2cbb3de9 /login-utils
parent: login: add support for login.defs(5) LASTLOG_UID_MAX (diff)
download: kernel-qcow2-util-linux-b22332dd4f0042e9fc7248aa918b991d684d8f28.tar.gz
kernel-qcow2-util-linux-b22332dd4f0042e9fc7248aa918b991d684d8f28.tar.xz
kernel-qcow2-util-linux-b22332dd4f0042e9fc7248aa918b991d684d8f28.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/login-utils/last.c b/login-utils/last.c
index 6b25efd4c..be744b079 100644
--- a/login-utils/last.c
+++ b/login-utils/last.c
@@ -600,6 +600,7 @@ static int is_phantom(const struct last_control *ctl, struct utmpx *ut)
 
 	if (ut->ut_tv.tv_sec < ctl->boot_time.tv_sec)
 		return 1;
+	ut->ut_user[__UT_NAMESIZE - 1] = '\0';
 	pw = getpwnam(ut->ut_user);
 	if (!pw)
 		return 1;
author	Sami Kerola	2019-01-13 20:48:59 +0100
committer	Sami Kerola	2019-01-13 21:00:38 +0100
commit	b22332dd4f0042e9fc7248aa918b991d684d8f28 (patch)
tree	d83f99a60a421e702573c721d8488dff2cbb3de9 /login-utils
parent	login: add support for login.defs(5) LASTLOG_UID_MAX (diff)
download	kernel-qcow2-util-linux-b22332dd4f0042e9fc7248aa918b991d684d8f28.tar.gz kernel-qcow2-util-linux-b22332dd4f0042e9fc7248aa918b991d684d8f28.tar.xz kernel-qcow2-util-linux-b22332dd4f0042e9fc7248aa918b991d684d8f28.zip