On Thu, Jan 27, 2005 at 08:56:46AM +0100, Peter Stuge wrote:
> Also, how exactly are the env variables "setup" ? String and memory
> handling in C is difficult to get right in the beginning, if you're
> not careful you can introduce security holes very easily.
Sorry, I should have looked at the code.
You've got it covered with the two extra bytes for the = and \0.
But you shouldn't free(tmp) after putenv():ing SHELL, since that will
free the memory that is actually used in the environment, allowing
someone else to write there later on, possibly introducing another
security hole. (Getting repetitive, yes, I know.)
> If you looked at my bchkpw you noticed that I took a shortcut and let
> libc handle it all, by using the setenv() call. Maximum portability
> will require execve() or possibly putenv() though, and they both
> require you to set up the complete NAME=value string on your own.
Your putenv() scheme will work great. Just remove the free(tmp) at
the end.
A side note, the construct (*user).pw_name can (should) be written as
user->pw_name, which is a lot easier at least on my eyes. :)
> > Something else I encountered:
> > I use getpwuid() to retrieve the username. But if there is no user
> > in /etc/passwd for that UID then the function generates a
> > segmentation fault. Is there a way to catch this?
>
> Are you sure the function generates the segmentation fault?
Your code looks good, but I may be overlooking something. Try
splitting up assignment and evaluation and add some debug output
right after the call to print out the return value.
E.g.
    user=getpwuid(userId);
    /* cast the pointer: passing it straight to %x is undefined */
    printf("user=0x%lx\n",(unsigned long)user);
    if(NULL==user)
        return 111;
Should give 0x0 for non-existent uids and 0xsomething for existing
ones.
//Peter
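
The two points from this message, as an added example that is not part of the original mail or of the program under discussion: the NAME=value buffer handed to putenv() stays allocated, and the getpwuid() result is checked before it is dereferenced. The names export_var and user_name are hypothetical.

```c
#define _XOPEN_SOURCE 700
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Build "NAME=value" and hand it to putenv(). Returns the buffer that is now
 * part of the environment, or NULL on failure. The caller must NOT free it. */
char *export_var(const char *name, const char *value)
{
    size_t len = strlen(name) + strlen(value) + 2;   /* '=' and '\0' */
    char *tmp = malloc(len);
    if (tmp == NULL)
        return NULL;
    snprintf(tmp, len, "%s=%s", name, value);
    if (putenv(tmp) != 0) {
        free(tmp);            /* putenv() failed, so the buffer is still ours */
        return NULL;
    }
    return tmp;               /* no free(tmp): environ points at this memory */
}

/* Copy the login name for uid into out. Returns 0, or 111 when there is no
 * passwd entry (getpwuid() returned NULL), without touching the pointer. */
int user_name(uid_t uid, char *out, size_t outlen)
{
    struct passwd *user = getpwuid(uid);
    if (user == NULL)
        return 111;
    snprintf(out, outlen, "%s", user->pw_name);
    return 0;
}

int main(void)
{
    char name[64] = "";
    char *buf = export_var("SHELL", "/bin/sh");   /* constructed sample value */
    if (buf == NULL)
        return 1;
    printf("SHELL=%s (getenv points into our buffer: %d)\n", getenv("SHELL"),
           getenv("SHELL") == buf + strlen("SHELL="));
    int rc = user_name(getuid(), name, sizeof name);
    printf("rc=%d name=%s\n", rc, name);
    return rc;
}
```

The pointer comparison in main() shows why the free() has to go: getenv() returns an address inside the very buffer that was passed to putenv().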