about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog7
-rw-r--r--sysdeps/unix/getlogin_r.c5
2 files changed, 10 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index 64a8d9c8ea..013d1e47e5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2017-11-22  Joseph Myers  <joseph@codesourcery.com>
+
+	[BZ #22447]
+	* sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+	strlen to compute length of ut_user and set trailing NUL byte of
+	result explicitly.
+
 2017-11-21  Mike FABIAN  <mfabian@redhat.com>
 
 	[BZ #15537]
diff --git a/sysdeps/unix/getlogin_r.c b/sysdeps/unix/getlogin_r.c
index 4a6a40eeb2..ad8e9111f6 100644
--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
@@ -80,7 +80,7 @@ __getlogin_r (char *name, size_t name_len)
 
   if (result == 0)
     {
-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
 
       if (needed > name_len)
 	{
@@ -89,7 +89,8 @@ __getlogin_r (char *name, size_t name_len)
 	}
       else
 	{
-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
 	  result = 0;
 	}
     }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-10 06:48:37 +0000