On Thu, Jul 28, 2011 at 10:29:01PM +0200, Matthias Andree wrote:
> > /* For example, name like ".." can make adduser
> > * chown "/home/.." recursively - NOT GOOD
> > */
> >
> > do {
> > if (*name == '-' || *name == '.')
> > continue;
> > skip:
> > if (isalnum(*name)
>
> This is bogus and can lead to segfaults through out-of-bounds array
> subscripts on systems with signed chars. This needs to be
> isalnum((unsigned char)*name). This is true for all toupper/tolower and
> is*() functions from <ctype.h> where the argument is as wide as char.
Any use of isalnum or similar in validating login names is completely
bogus because it cannot handle alphanumeric multibyte characters.
Either skip the validation (which is almost surely just harmful and
not helpful to anyone) or make correct use of mbrtowc and iswalnum.
Rich
_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox
