|
 |
587dbb |
From b6036e23b0477be147211b4e21a6b49cd4d6c9a0 Mon Sep 17 00:00:00 2001
|
|
|
587dbb |
From: Jamie Bainbridge <jamie.bainbridge@gmail.com>
|
|
|
587dbb |
Date: Wed, 8 Sep 2021 12:08:17 +1000
|
|
|
587dbb |
Subject: [PATCH] gutils: Avoid segfault in g_get_user_database_entry
|
|
|
587dbb |
|
|
|
587dbb |
g_get_user_database_entry() uses variable pwd to store the contents of
|
|
|
587dbb |
the call to getpwnam_r(), then capitalises the first letter of pw_name
|
|
|
587dbb |
with g_ascii_toupper (pw->pw_name[0]).
|
|
|
587dbb |
|
|
|
587dbb |
However, as per the getpwnam manpage, the result of that call "may point
|
|
|
587dbb |
to a static area". When this happens, GLib is trying to edit static
|
|
|
587dbb |
memory which belongs to a shared library, so segfaults.
|
|
|
587dbb |
|
|
|
587dbb |
Instead, copy pw_name off to a temporary variable, set uppercase on
|
|
|
587dbb |
that variable, and use the variable to join into the desired string.
|
|
|
587dbb |
Free the new variable after it is no longer needed.
|
|
|
587dbb |
|
|
|
587dbb |
Signed-off-by: Jamie Bainbridge <jamie.bainbridge@gmail.com>
|
|
|
587dbb |
---
|
|
|
587dbb |
glib/gutils.c | 7 +++++--
|
|
|
587dbb |
1 file changed, 5 insertions(+), 2 deletions(-)
|
|
|
587dbb |
|
|
|
587dbb |
diff --git a/glib/gutils.c b/glib/gutils.c
|
|
|
587dbb |
index b7a2113d4..4bccd7229 100644
|
|
|
587dbb |
--- a/glib/gutils.c
|
|
|
587dbb |
+++ b/glib/gutils.c
|
|
|
587dbb |
@@ -692,14 +692,17 @@ g_get_user_database_entry (void)
|
|
|
587dbb |
{
|
|
|
587dbb |
gchar **gecos_fields;
|
|
|
587dbb |
gchar **name_parts;
|
|
|
587dbb |
+ gchar *uppercase_pw_name;
|
|
|
587dbb |
|
|
|
587dbb |
/* split the gecos field and substitute '&' */
|
|
|
587dbb |
gecos_fields = g_strsplit (pw->pw_gecos, ",", 0);
|
|
|
587dbb |
name_parts = g_strsplit (gecos_fields[0], "&", 0);
|
|
|
587dbb |
- pw->pw_name[0] = g_ascii_toupper (pw->pw_name[0]);
|
|
|
587dbb |
- e.real_name = g_strjoinv (pw->pw_name, name_parts);
|
|
|
587dbb |
+ uppercase_pw_name = g_strdup (pw->pw_name);
|
|
|
587dbb |
+ uppercase_pw_name[0] = g_ascii_toupper (uppercase_pw_name[0]);
|
|
|
587dbb |
+ e.real_name = g_strjoinv (uppercase_pw_name, name_parts);
|
|
|
587dbb |
g_strfreev (gecos_fields);
|
|
|
587dbb |
g_strfreev (name_parts);
|
|
|
587dbb |
+ g_free (uppercase_pw_name);
|
|
|
587dbb |
}
|
|
|
587dbb |
#endif
|
|
|
587dbb |
|
|
|
587dbb |
--
|
|
|
587dbb |
GitLab
|
|
|
587dbb |
|