New upstream version 4.13+dfsg1upstream/4.13+dfsg1 upstream

author: Balint Reczey <balint@balintreczey.hu> 2022-11-10 16:24:06 +0100
committer: Balint Reczey <balint@balintreczey.hu> 2022-11-10 16:24:06 +0100
commit: 3987cc788047570ecf10707dfc8958780d85c73c (patch)
tree: 109724175f07436696f51b14b5abbd3f4d704d6d /lib/sgetpwent.c
parent: 8ead740677d19e48690d4f144ab090b83d47059f (diff)
download: shadow-3987cc788047570ecf10707dfc8958780d85c73c.tar.gz
1 files changed, 7 insertions, 2 deletions
diff --git a/lib/sgetpwent.c b/lib/sgetpwent.c
index c6e5944c..1c8c63e0 100644
--- a/lib/sgetpwent.c
+++ b/lib/sgetpwent.c
@@ -16,6 +16,7 @@
 #include <stdio.h>
 #include <pwd.h>
 #include "prototypes.h"
+#include "shadowlog_internal.h"
 
 #define	NFIELDS	7
 
@@ -34,7 +35,7 @@
 struct passwd *sgetpwent (const char *buf)
 {
 	static struct passwd pwent;
-	static char pwdbuf[1024];
+	static char pwdbuf[PASSWD_ENTRY_MAX_LENGTH];
 	int i;
 	char *cp;
 	char *fields[NFIELDS];
@@ -44,8 +45,12 @@ struct passwd *sgetpwent (const char *buf)
 	 * the password structure remain valid.
 	 */
 
-	if (strlen (buf) >= sizeof pwdbuf)
+	if (strlen (buf) >= sizeof pwdbuf) {
+		fprintf (shadow_logfd,
+		         "%s: Too long passwd entry encountered, file corruption?\n",
+		         shadow_progname);
 		return 0;	/* fail if too long */
+	}
 	strcpy (pwdbuf, buf);
 
 	/*
author	Balint Reczey <balint@balintreczey.hu>	2022-11-10 16:24:06 +0100
committer	Balint Reczey <balint@balintreczey.hu>	2022-11-10 16:24:06 +0100
commit	3987cc788047570ecf10707dfc8958780d85c73c (patch)
tree	109724175f07436696f51b14b5abbd3f4d704d6d /lib/sgetpwent.c
parent	8ead740677d19e48690d4f144ab090b83d47059f (diff)
download	shadow-3987cc788047570ecf10707dfc8958780d85c73c.tar.gz