(vfs_finduid): fix overrunning string.

Fix out-of-boundary access to uname if it's shorter than 255 bytes. Found by Coverity. Coverity id #331835. Signed-off-by: Andrew Borodin <aborodin@vmail.ru>
2021-05-28 10:40:18 +03:00 · 2021-05-28 10:40:18 +03:00 · 2dfdc6d690
parent 2d4008655e
commit 2dfdc6d690
1 changed files with 5 additions and 1 deletions
--- a/lib/vfs/utilvfs.c
+++ b/lib/vfs/utilvfs.c
@ -108,8 +108,12 @@ vfs_finduid (const char *uname)
    static int saveuid = GUID_DEFAULT_CONST;
    static char saveuname[TUNMLEN] = "\0";

+    size_t uname_len;
+
+    uname_len = strlen (uname);
+
    if (uname[0] != saveuname[0]        /* Quick test w/o proc call */
-        || 0 != strncmp (uname, saveuname, TUNMLEN))
+        || strncmp (uname, saveuname, MIN (uname_len, TUNMLEN - 1)) != 0)
    {
        struct passwd *pw;