diff options
| author | George Lebl <jirka@5z.com> | 2003-09-25 01:02:58 +0000 |
|---|---|---|
| committer | George Lebl <jirka@src.gnome.org> | 2003-09-25 01:02:58 +0000 |
| commit | 2ec9d9e8bef8c7f2b32859f06455817c784a74c3 (patch) | |
| tree | dca2b12315e44393abe73a5b9f38f699a305a398 | |
| parent | 1b11a31256fe329144418cba7ef4137596fb4771 (diff) | |
| download | gdm-2ec9d9e8bef8c7f2b32859f06455817c784a74c3.tar.gz | |
add some extra anality to the slave when looking at the session name
Wed Sep 24 18:01:06 2003 George Lebl <jirka@5z.com>
* daemon/slave.c: add some extra anality to the slave when looking
at the session name supplied in .dmrc, and also be careful about
what we read as the user pic.
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | daemon/slave.c | 22 |
2 files changed, 24 insertions, 4 deletions
@@ -1,3 +1,9 @@ +Wed Sep 24 18:01:06 2003 George Lebl <jirka@5z.com> + + * daemon/slave.c: add some extra anality to the slave when looking + at the session name supplied in .dmrc, and also be careful about + what we read as the user pic. + Wed Sep 24 16:34:02 2003 George Lebl <jirka@5z.com> * gui/greeter/greeter_item_pam.c, gui/greeter/greeter_geometry.c, diff --git a/daemon/slave.c b/daemon/slave.c index 1b78ff0b..f873b13a 100644 --- a/daemon/slave.c +++ b/daemon/slave.c @@ -2009,7 +2009,7 @@ run_pictures (void) } IGNORE_EINTR (r = stat (picfile, &s)); - if (r < 0) { + if G_UNLIKELY (r < 0 || s.st_size > GdmUserMaxFile) { seteuid (0); setegid (GdmGroupId); @@ -2055,10 +2055,14 @@ run_pictures (void) #endif i = 0; - while ((bytes = fread (buf, sizeof (char), + while (i < s.st_size && + (bytes = fread (buf, sizeof (char), max_write, fp)) > 0) { int written; + if G_UNLIKELY (i + bytes > s.st_size) + bytes = s.st_size - i; + /* write until we succeed in writing something */ IGNORE_EINTR (written = write (greeter_fd_out, buf, bytes)); if G_UNLIKELY (written < 0 && @@ -2083,7 +2087,7 @@ run_pictures (void) } } - /* we have written bytes btyes if it likes it or not */ + /* we have written bytes bytes if it likes it or not */ i += bytes; } @@ -3572,7 +3576,8 @@ gdm_slave_session_start (void) } if G_LIKELY (usrcfgok) { - gchar *cfgfile = g_build_filename (home_dir, ".dmrc", NULL); + char *p; + char *cfgfile = g_build_filename (home_dir, ".dmrc", NULL); VeConfig *cfg = ve_config_new (cfgfile); g_free (cfgfile); @@ -3580,6 +3585,15 @@ gdm_slave_session_start (void) if (usrsess == NULL) usrsess = g_strdup (""); + /* this is just being truly anal about what users give us, and in case + * it looks like they may have included a path whack it. */ + p = strrchr (usrsess, '/'); + if (p != NULL) { + char *tmp = g_strdup (p+1); + g_free (usrsess); + usrsess = tmp; + } + /* ugly workaround for migration */ if ((strcmp (usrsess, "Default.desktop") == 0 || strcmp (usrsess, "Default") == 0) && |