From ecb608192a48d3688e1a0a21027bfd968d3301a1 Mon Sep 17 00:00:00 2001 From: Rich Felker Date: Wed, 21 Jan 2015 14:26:05 -0500 Subject: [PATCH] fix erroneous return of partial username matches by getspnam[_r] when using /etc/shadow (rather than tcb) as its backend, getspnam_r matched any username starting with the caller-provided string rather than requiring an exact match. in practice this seems to have affected only systems where one valid username is a prefix for another valid username, and where the longer username appears first in the shadow file. --- src/passwd/getspnam_r.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/passwd/getspnam_r.c b/src/passwd/getspnam_r.c index 15f8c87b..92339528 100644 --- a/src/passwd/getspnam_r.c +++ b/src/passwd/getspnam_r.c @@ -98,7 +98,7 @@ int getspnam_r(const char *name, struct spwd *sp, char *buf, size_t size, struct pthread_cleanup_push(cleanup, f); while (fgets(buf, size, f) && (k=strlen(buf))>0) { - if (skip || strncmp(name, buf, l)) { + if (skip || strncmp(name, buf, l) || buf[l]!=':') { skip = buf[k-1] != '\n'; continue; }