summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog9
-rw-r--r--auth.c17
2 files changed, 15 insertions, 11 deletions
diff --git a/ChangeLog b/ChangeLog
index 2e3f57a3a..0f00e72e3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -40,6 +40,13 @@
40 dugsong ok 40 dugsong ok
41 XXX isn't it sensitive to the order of -I/usr/include/kerberosIV and 41 XXX isn't it sensitive to the order of -I/usr/include/kerberosIV and
42 -I/usr/include/kerberosV? 42 -I/usr/include/kerberosV?
43 - markus@cvs.openbsd.org 2001/07/11 16:29:59
44 [ssh.c]
45 sort options string, fix -p, add -k
46 - markus@cvs.openbsd.org 2001/07/11 18:26:15
47 [auth.c]
48 no need to call dirname(pw->pw_dir).
49 note that dirname(3) modifies its argument on some systems.
43 50
4420010711 5120010711
45 - (djm) dirname(3) may modify its argument on glibc and other systems. 52 - (djm) dirname(3) may modify its argument on glibc and other systems.
@@ -6015,4 +6022,4 @@
6015 - Wrote replacements for strlcpy and mkdtemp 6022 - Wrote replacements for strlcpy and mkdtemp
6016 - Released 1.0pre1 6023 - Released 1.0pre1
6017 6024
6018$Id: ChangeLog,v 1.1396 2001/07/14 02:20:32 djm Exp $ 6025$Id: ChangeLog,v 1.1397 2001/07/14 02:21:34 djm Exp $
diff --git a/auth.c b/auth.c
index 84e0be761..9d4f4abfe 100644
--- a/auth.c
+++ b/auth.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: auth.c,v 1.26 2001/06/27 04:48:52 markus Exp $"); 26RCSID("$OpenBSD: auth.c,v 1.27 2001/07/11 18:26:15 markus Exp $");
27 27
28#ifdef HAVE_LOGIN_H 28#ifdef HAVE_LOGIN_H
29#include <login.h> 29#include <login.h>
@@ -363,13 +363,10 @@ secure_filename(FILE *f, const char *file, struct passwd *pw,
363 char *err, size_t errlen) 363 char *err, size_t errlen)
364{ 364{
365 uid_t uid = pw->pw_uid; 365 uid_t uid = pw->pw_uid;
366 char homedir[MAXPATHLEN];
367 char buf[MAXPATHLEN]; 366 char buf[MAXPATHLEN];
368 char *cp; 367 char *cp;
369 struct stat st; 368 struct stat st;
370 369
371 strlcpy(homedir, dirname(pw->pw_dir), sizeof(homedir));
372
373 if (realpath(file, buf) == NULL) { 370 if (realpath(file, buf) == NULL) {
374 snprintf(err, errlen, "realpath %s failed: %s", file, 371 snprintf(err, errlen, "realpath %s failed: %s", file,
375 strerror(errno)); 372 strerror(errno));
@@ -385,8 +382,6 @@ secure_filename(FILE *f, const char *file, struct passwd *pw,
385 return -1; 382 return -1;
386 } 383 }
387 384
388 debug3("secure_filename: terminating check at '%s'", homedir);
389
390 /* for each component of the canonical path, walking upwards */ 385 /* for each component of the canonical path, walking upwards */
391 for (;;) { 386 for (;;) {
392 if ((cp = dirname(buf)) == NULL) { 387 if ((cp = dirname(buf)) == NULL) {
@@ -395,10 +390,6 @@ secure_filename(FILE *f, const char *file, struct passwd *pw,
395 } 390 }
396 strlcpy(buf, cp, sizeof(buf)); 391 strlcpy(buf, cp, sizeof(buf));
397 392
398 /* If are passed the homedir then we can stop */
399 if (strcmp(buf, homedir) == 0)
400 break;
401
402 debug3("secure_filename: checking '%s'", buf); 393 debug3("secure_filename: checking '%s'", buf);
403 if (stat(buf, &st) < 0 || 394 if (stat(buf, &st) < 0 ||
404 (st.st_uid != 0 && st.st_uid != uid) || 395 (st.st_uid != 0 && st.st_uid != uid) ||
@@ -408,6 +399,12 @@ secure_filename(FILE *f, const char *file, struct passwd *pw,
408 return -1; 399 return -1;
409 } 400 }
410 401
402 /* If are passed the homedir then we can stop */
403 if (strcmp(pw->pw_dir, buf) == 0) {
404 debug3("secure_filename: terminating check at '%s'",
405 buf);
406 break;
407 }
411 /* 408 /*
412 * dirname should always complete with a "/" path, 409 * dirname should always complete with a "/" path,
413 * but we can be paranoid and check for "." too 410 * but we can be paranoid and check for "." too
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-02 09:27:34 +0000