36 lines
1.2 KiB
Diff
36 lines
1.2 KiB
Diff
|
From 6cd0043221b31a344db8f5dcb82822a2519a2e74 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Karel Zak <kzak@redhat.com>
|
||
|
|
Date: Mon, 7 Feb 2022 13:34:43 +0100
|
||
|
|
Subject: [PATCH] last: don't assume zero terminate strings
|
||
|
|
|
||
|
|
Detected by fuzzer and AddressSanitizer. The utmp strings do not
|
||
|
|
have to be zero terminated.
|
||
|
|
|
||
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
||
|
|
---
|
||
|
|
login-utils/last.c | 4 ++--
|
||
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/login-utils/last.c b/login-utils/last.c
|
||
|
|
index c7aec4c116..84629278e5 100644
|
||
|
|
--- a/login-utils/last.c
|
||
|
|
+++ b/login-utils/last.c
|
||
|
|
@@ -757,7 +757,7 @@ static void process_wtmp_file(const struct last_control *ctl,
|
||
|
|
else {
|
||
|
|
if (ut.ut_type != DEAD_PROCESS &&
|
||
|
|
ut.ut_user[0] && ut.ut_line[0] &&
|
||
|
|
- strcmp(ut.ut_user, "LOGIN") != 0)
|
||
|
|
+ strncmp(ut.ut_user, "LOGIN", 5) != 0)
|
||
|
|
ut.ut_type = USER_PROCESS;
|
||
|
|
/*
|
||
|
|
* Even worse, applications that write ghost
|
||
|
|
@@ -770,7 +770,7 @@ static void process_wtmp_file(const struct last_control *ctl,
|
||
|
|
/*
|
||
|
|
* Clock changes.
|
||
|
|
*/
|
||
|
|
- if (strcmp(ut.ut_user, "date") == 0) {
|
||
|
|
+ if (strncmp(ut.ut_user, "date", 4) == 0) {
|
||
|
|
if (ut.ut_line[0] == '|')
|
||
|
|
ut.ut_type = OLD_TIME;
|
||
|
|
if (ut.ut_line[0] == '{')
|