bruce@godot.UUCP (Bruce Nemnich) (09/19/84)
There was some discussion a few months ago about a problem with null entries in /etc/passwd. These can be caused by running chfn or chsh on a passwd file which has a blank line, often mistakenly left at the end of the file by humans. It presents a gaping security hole if it happens. The problem is in getpwent(3). There are two parts to my fix: the first keeps a newline from getting in a field in the returned structure if not all fields are filled out on the passwd line, and the second ignores leading whitespace and blank lines. *** /tmp/,RCSt1014083 Wed Sep 19 14:38:06 1984 --- getpwent.c Wed Sep 19 14:08:15 1984 *************** *** 28,34 pwskip(p) register char *p; { ! while( *p && *p != ':' ) ++p; if( *p ) *p++ = 0; return(p); --- 28,34 ----- pwskip(p) register char *p; { ! while( *p && *p != ':' && *p != '\n') ++p; if( *p ) *p++ = 0; return(p); *************** *** 43,51 if( (pwf = fopen( PASSWD, "r" )) == NULL ) return(0); } ! p = fgets(line, BUFSIZ, pwf); ! if (p==NULL) ! return(0); passwd.pw_name = p; p = pwskip(p); passwd.pw_passwd = p; --- 43,55 ----- if( (pwf = fopen( PASSWD, "r" )) == NULL ) return(0); } ! do { ! p = fgets(line, BUFSIZ, pwf); ! if (p==NULL) ! return(0); ! /* skip whiteness at beginning of line */ ! while (*p == '\t' || *p == ' ' || *p == '\n') p++; ! } while (*p == '\0'); /* skip blank lines */ passwd.pw_name = p; p = pwskip(p); passwd.pw_passwd = p; -- --Bruce Nemnich, Thinking Machines Corporation, Cambridge, MA {astrovax,cca,harvard,ihnp4,ima,mit-eddie,...}!godot!bruce, BJN@MIT-MC.ARPA