git.samba.org / amitay / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c2e5582)
s3:rpc_server: Fix string compare for utmp entries
authorAndreas Schneider <asn@samba.org>
Mon, 9 Dec 2019 09:22:52 +0000 (10:22 +0100)
committerAndrew Bartlett <abartlet@samba.org>
Tue, 10 Dec 2019 00:30:29 +0000 (00:30 +0000)
The members of struct utmp are marked as nonstring. This means they
might not be nil-terminated.

Found by covscan.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source3/rpc_server/wkssvc/srv_wkssvc_nt.c patch | blob | history

diff --git a/source3/rpc_server/wkssvc/srv_wkssvc_nt.c b/source3/rpc_server/wkssvc/srv_wkssvc_nt.c
index f661833abe290c0b83a7438d5cf0eb223c2232dc..6ec3f30c138c6b06ed676c9ecdecbb168d882ce3 100644 (file)
--- a/source3/rpc_server/wkssvc/srv_wkssvc_nt.c
+++ b/source3/rpc_server/wkssvc/srv_wkssvc_nt.c
@@ -79,7 +79,8 @@ static char **get_logged_on_userlist(TALLOC_CTX *mem_ctx)
                for (i = 0; i < num_users; i++) {
                        /* getutxent can return multiple user entries for the
                         * same user, so ignore any dups */
-                       if (strcmp(u->ut_user, usr_infos[i].name) == 0) {
+                       int cmp = strncmp(u->ut_user, usr_infos[i].name, sizeof(u->ut_user));
+                       if (cmp == 0) {
                                break;
                        }
                }
Amitay's Samba development tree