From a3d80dd8aa6ac15877e00102ab174b417ac81d79 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= Date: Fri, 12 Jan 2024 16:40:22 +0100 Subject: login: Use getpwnam_r() instead of getpwnam(). Since we expect the entry to still be valid after calling into PAM, which may call getpwnam() itself, we need to use getpwnam_r(). MFC after: 1 week Sponsored by: Klara, Inc. Reviewed by: kevans, imp, allanjude, markj Differential Revision: https://reviews.freebsd.org/D43376 --- usr.bin/login/login.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/usr.bin/login/login.c b/usr.bin/login/login.c index 409e6cc373ad..5b4fa55dc541 100644 --- a/usr.bin/login/login.c +++ b/usr.bin/login/login.c @@ -110,6 +110,8 @@ static u_int timeout = 300; /* Buffer for signal handling of timeout */ static jmp_buf timeout_buf; +char pwbuf[1024]; +struct passwd pwres; struct passwd *pwd; static int failures; @@ -315,7 +317,7 @@ main(int argc, char *argv[]) bail(NO_SLEEP_EXIT, 1); } - pwd = getpwnam(username); + (void)getpwnam_r(username, &pwres, pwbuf, sizeof(pwbuf), &pwd); if (pwd != NULL && pwd->pw_uid == 0) rootlogin = 1; @@ -338,7 +340,7 @@ main(int argc, char *argv[]) (void)setpriority(PRIO_PROCESS, 0, 0); } - if (pwd && rval == 0) + if (pwd != NULL && rval == 0) break; pam_cleanup(); -- cgit v1.2.3