diff options
author | Lennart Poettering <lennart@poettering.net> | 2014-07-09 19:20:58 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2014-07-09 19:22:13 +0200 |
commit | 932ad62b84165b0acf690ea34c4b8083657ae244 (patch) | |
tree | 4c8c3c2806d9459ce69fd3c69ca8716355bd2cfc | |
parent | e2a69298819b58f008be61d314f8ab95ccaec427 (diff) |
sysusers: don't allow user names longer than UT_NAMESIZE
As pointed out by Miloslav Trmač it might be a good idea to make sure
that usernames stay with in the utmp-defined limits.
-rw-r--r-- | man/sysusers.d.xml | 2 | ||||
-rw-r--r-- | src/sysusers/sysusers.c | 4 |
2 files changed, 5 insertions, 1 deletions
diff --git a/man/sysusers.d.xml b/man/sysusers.d.xml index 549b3f6351..40f8715bc0 100644 --- a/man/sysusers.d.xml +++ b/man/sysusers.d.xml @@ -142,7 +142,7 @@ m authd input</programlisting> <title>Name</title> <para>The name field specifies the user or - group name. It should be be shorter than 256 + group name. It should be be shorter than 31 characters and avoid any non-ASCII characters, and not begin with a numeric character. It is strongly recommended to pick user and group diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c index 1765f31a3a..40a669725e 100644 --- a/src/sysusers/sysusers.c +++ b/src/sysusers/sysusers.c @@ -24,6 +24,7 @@ #include <grp.h> #include <shadow.h> #include <getopt.h> +#include <utmp.h> #include "util.h" #include "hashmap.h" @@ -1095,6 +1096,9 @@ static bool valid_user_group_name(const char *u) { if ((size_t) (i-u) > (size_t) sz) return false; + if ((size_t) (i-u) > UT_NAMESIZE - 1) + return false; + return true; } |