From patchwork Wed Nov 22 17:31:27 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Joseph Myers <joseph@codesourcery.com>
X-Patchwork-Id: 24449
Received: (qmail 112161 invoked by alias); 22 Nov 2017 17:31:35 -0000
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <libc-alpha.sourceware.org>
List-Unsubscribe: <mailto:libc-alpha-unsubscribe-##L=##H@sourceware.org>
List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-help@sourceware.org>,
	<http://sourceware.org/ml/#faqs>
Sender: libc-alpha-owner@sourceware.org
Delivered-To: mailing list libc-alpha@sourceware.org
Received: (qmail 112149 invoked by uid 89); 22 Nov 2017 17:31:34 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-24.3 required=5.0 tests=AWL, BAYES_00,
	GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3,
	KB_WAM_FROM_NAME_SINGLEWORD, RCVD_IN_DNSWL_NONE, SPF_PASS,
	URIBL_RED autolearn=ham version=3.3.2 spammy=among
X-HELO: relay1.mentorg.com
Date: Wed, 22 Nov 2017 17:31:27 +0000
From: Joseph Myers <joseph@codesourcery.com>
To: <libc-alpha@sourceware.org>
Subject: Avoid use of strlen in getlogin_r (bug 22447)
Message-ID: <alpine.DEB.2.20.1711221730500.30870@digraph.polyomino.org.uk>
User-Agent: Alpine 2.20 (DEB 67 2015-01-07)
MIME-Version: 1.0
X-ClientProxiedBy: svr-ies-mbx-01.mgc.mentorg.com (139.181.222.1) To
	SVR-IES-MBX-03.mgc.mentorg.com (139.181.222.3)

Building glibc with current mainline GCC fails, among other reasons,
because of an error for use of strlen on the nonstring ut_user field.
This patch changes the problem code in getlogin_r to use __strnlen
instead.  It also needs to set the trailing NUL byte of the result
explicitly, because of the case where ut_user does not have such a
trailing NUL byte (but the result should always have one).

Tested for x86_64.  Also tested that, in conjunction with
<https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
the build for arm with mainline GCC.

2017-11-22  Joseph Myers  <joseph@codesourcery.com>

	[BZ #22447]
	* sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
	strlen to compute length of ut_user and set trailing NUL byte of
	result explicitly.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>

diff --git a/sysdeps/unix/getlogin_r.c b/sysdeps/unix/getlogin_r.c
index 4a6a40e..ad8e911 100644
--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
@@ -80,7 +80,7 @@ __getlogin_r (char *name, size_t name_len)
 
   if (result == 0)
     {
-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
 
       if (needed > name_len)
 	{
@@ -89,7 +89,8 @@ __getlogin_r (char *name, size_t name_len)
 	}
       else
 	{
-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
 	  result = 0;
 	}
     }