src/logoutd.c: Fix theoretical buffer overrun

ut_line doesn't hold a string.  It is a null-padded fixed-width array.
Luckily, I don't think there has ever existed a ut_line ("/dev/tty*")
that was 32 bytes long.  That would have resulted in a buffer overrun.
Anyway, do the right thing, which is copying into a temporary string.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
This commit is contained in:
Alejandro Colomar
2023-11-16 00:26:23 +01:00
committed by Iker Pedrosa
parent 2eceb4381c
commit bbf1d9a800
+5 -3
View File
@@ -43,17 +43,19 @@ static void send_mesg_to_tty (int tty_fd);
*/
static int check_login (const struct utmp *ut)
{
char user[sizeof (ut->ut_user) + 1];
time_t now;
char user[sizeof(ut->ut_user) + 1];
char line[sizeof(ut->ut_line) + 1];
time_t now;
ZUSTR2STP(user, ut->ut_user);
ZUSTR2STP(line, ut->ut_line);
(void) time (&now);
/*
* Check if they are allowed to be logged in right now.
*/
if (!isttytime (user, ut->ut_line, now)) {
if (!isttytime(user, line, now)) {
return 0;
}
return 1;