mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-18 10:35:55 +00:00
Code Issues Releases Activity

Slight adjustment to previous fix for __ivaliduser(). It was checking for

Browse Source 
the comment before checking for long lines, so there was a possibility
that the wrap-around might be used as an exploitable hostname.
Reviewed by:
Submitted by:
Obtained from:
This commit is contained in:
Peter Wemm 1995-07-16 17:03:58 +00:00
parent 6263a19a10
commit acc7e87c9b
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=9552
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/libc/net/rcmd.c
View File

@ -366,14 +366,16 @@ __ivaliduser(hostf, raddr, luser, ruser)
return (-1); return (-1);
while (fgets(buf, sizeof(buf), hostf)) { while (fgets(buf, sizeof(buf), hostf)) {
if(buf[0] == '#')
continue;
p = buf; p = buf;
/* Skip lines that are too long. */ /* Skip lines that are too long. */
if (strchr(p, '\n') == NULL) { if (strchr(p, '\n') == NULL) {
while ((ch = getc(hostf)) != '\n' && ch != EOF); while ((ch = getc(hostf)) != '\n' && ch != EOF);
continue; continue;
} }
if (*p == '\n' || *p == '#') {
/* comment... */
continue;
}
while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') { while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') {
*p = isupper(*p) ? tolower(*p) : *p; *p = isupper(*p) ? tolower(*p) : *p;
p++; p++;