Use of fgets() can make a single long line to be understood as two
entries, and someone could play tricks with the remainder part of the
buffer.
Signed-off-by: Sami Kerola <kerolasa@xxxxxx>
---
login-utils/chsh.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/login-utils/chsh.c b/login-utils/chsh.c
index 2245f41..9ed4d06 100644
--- a/login-utils/chsh.c
+++ b/login-utils/chsh.c
@@ -87,8 +87,8 @@ static int get_shell_list(char *shell_name)
{
FILE *fp;
int found;
- int len;
- char buf[PATH_MAX];
+ char *buf = NULL;
+ size_t sz = 0, len;
found = false;
fp = fopen(_PATH_SHELLS, "r");
@@ -97,17 +97,17 @@ static int get_shell_list(char *shell_name)
warnx(_("No known shells."));
return true;
}
- while (fgets(buf, sizeof(buf), fp) != NULL) {
+ while (getline(&buf, &sz, fp) != -1) {
+ len = strlen(buf);
/* ignore comments */
if (*buf == '#')
continue;
- len = strlen(buf);
+ /* skip blank lines*/
+ if (len < 2)
+ continue;
/* strip the ending newline */
if (buf[len - 1] == '\n')
buf[len - 1] = 0;
- /* ignore lines that are too damn long */
- else
- continue;
/* check or output the shell */
if (shell_name) {
if (!strcmp(shell_name, buf)) {
@@ -118,6 +118,7 @@ static int get_shell_list(char *shell_name)
printf("%s\n", buf);
}
fclose(fp);
+ free(buf);
return found;
}
--
2.2.1
--
To unsubscribe from this list: send the line "unsubscribe util-linux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
