sesman: env_set_user, fix potential bof issues

Conflicts:
	sesman/env.c
This commit is contained in:
speidy 2016-10-04 01:53:24 -04:00
parent 4fe4b436d7
commit 33c7f1038c
5 changed files with 51 additions and 22 deletions

View File

@ -228,14 +228,17 @@ g_sprintf(char* dest, const char* format, ...)
} }
/*****************************************************************************/ /*****************************************************************************/
void DEFAULT_CC int DEFAULT_CC
g_snprintf(char* dest, int len, const char* format, ...) g_snprintf(char* dest, int len, const char* format, ...)
{ {
int err;
va_list ap; va_list ap;
va_start(ap, format); va_start(ap, format);
vsnprintf(dest, len, format, ap); err = vsnprintf(dest, len, format, ap);
va_end(ap); va_end(ap);
return err;
} }
/*****************************************************************************/ /*****************************************************************************/
@ -2335,10 +2338,11 @@ g_sigterm(int pid)
/*****************************************************************************/ /*****************************************************************************/
/* returns 0 if ok */ /* returns 0 if ok */
/* the caller is responsible to free the buffs */
/* does not work in win32 */ /* does not work in win32 */
int APP_CC int APP_CC
g_getuser_info(const char* username, int* gid, int* uid, char* shell, g_getuser_info(const char *username, int *gid, int *uid, char **shell,
char* dir, char* gecos) char **dir, char **gecos)
{ {
#if defined(_WIN32) #if defined(_WIN32)
return 1; return 1;
@ -2358,15 +2362,15 @@ g_getuser_info(const char* username, int* gid, int* uid, char* shell,
} }
if (dir != 0) if (dir != 0)
{ {
g_strcpy(dir, pwd_1->pw_dir); *dir = g_strdup(pwd_1->pw_dir);
} }
if (shell != 0) if (shell != 0)
{ {
g_strcpy(shell, pwd_1->pw_shell); *shell = g_strdup(pwd_1->pw_shell);
} }
if (gecos != 0) if (gecos != 0)
{ {
g_strcpy(gecos, pwd_1->pw_gecos); *gecos = g_strdup(pwd_1->pw_gecos);
} }
return 0; return 0;
} }

View File

@ -47,7 +47,7 @@ void DEFAULT_CC
g_printf(const char *format, ...); g_printf(const char *format, ...);
void DEFAULT_CC void DEFAULT_CC
g_sprintf(char* dest, const char* format, ...); g_sprintf(char* dest, const char* format, ...);
void DEFAULT_CC int DEFAULT_CC
g_snprintf(char* dest, int len, const char* format, ...); g_snprintf(char* dest, int len, const char* format, ...);
void DEFAULT_CC void DEFAULT_CC
g_writeln(const char* format, ...); g_writeln(const char* format, ...);
@ -259,8 +259,8 @@ g_getpid(void);
int APP_CC int APP_CC
g_sigterm(int pid); g_sigterm(int pid);
int APP_CC int APP_CC
g_getuser_info(const char* username, int* gid, int* uid, char* shell, g_getuser_info(const char* username, int* gid, int* uid, char** shell,
char* dir, char* gecos); char** dir, char** gecos);
int APP_CC int APP_CC
g_getgroup_info(const char* groupname, int* gid); g_getgroup_info(const char* groupname, int* gid);
int APP_CC int APP_CC

View File

@ -59,19 +59,21 @@ env_check_password_file(char* filename, char* password)
/******************************************************************************/ /******************************************************************************/
int DEFAULT_CC int DEFAULT_CC
env_set_user(char* username, char* passwd_file, int display) env_set_user(char* username, char** passwd_file, int display)
{ {
int error; int error;
int pw_uid; int pw_uid;
int pw_gid; int pw_gid;
int uid; int uid;
char pw_shell[256]; int len;
char pw_dir[256]; char *pw_shell;
char pw_gecos[256]; char *pw_dir;
char text[256]; char text[256];
error = g_getuser_info(username, &pw_gid, &pw_uid, pw_shell, pw_dir, pw_shell = 0;
pw_gecos); pw_dir = 0;
error = g_getuser_info(username, &pw_gid, &pw_uid, &pw_shell, &pw_dir, 0);
if (error == 0) if (error == 0)
{ {
g_rm_temp_dir(); g_rm_temp_dir();
@ -105,16 +107,36 @@ env_set_user(char* username, char* passwd_file, int display)
/* if no auth_file_path is set, then we go for /* if no auth_file_path is set, then we go for
$HOME/.vnc/sesman_username_passwd */ $HOME/.vnc/sesman_username_passwd */
g_mkdir(".vnc"); g_mkdir(".vnc");
g_sprintf(passwd_file, "%s/.vnc/sesman_%s_passwd", pw_dir, username);
len = g_snprintf(NULL, 0, "%s/.vnc/sesman_%s_passwd", pw_dir, username);
*passwd_file = (char *) g_malloc(len + 1, 1);
if (*passwd_file != NULL)
{
g_sprintf(*passwd_file, "%s/.vnc/sesman_%s_passwd", pw_dir, username);
}
} }
else else
{ {
/* we use auth_file_path as requested */ /* we use auth_file_path as requested */
g_sprintf(passwd_file, g_cfg->auth_file_path, username); len = g_snprintf(NULL, 0, g_cfg->auth_file_path, username);
*passwd_file = (char *) g_malloc(len + 1, 1);
if (*passwd_file != NULL)
{
g_sprintf(*passwd_file, g_cfg->auth_file_path, username);
}
}
if (*passwd_file != NULL)
{
LOG_DBG(&(g_cfg->log), "pass file: %s", *passwd_file);
} }
LOG_DBG("pass file: %s", passwd_file); LOG_DBG("pass file: %s", passwd_file);
} }
} }
g_free(pw_dir);
g_free(pw_shell);
} }
else else
{ {

View File

@ -49,7 +49,7 @@ env_check_password_file(char* filename, char* password);
* *
*/ */
int DEFAULT_CC int DEFAULT_CC
env_set_user(char* username, char* passwd_file, int display); env_set_user(char* username, char** passwd_file, int display);
#endif #endif

View File

@ -365,7 +365,7 @@ session_start_fork(int width, int height, int bpp, char* username,
char depth[32]; char depth[32];
char screen[32]; char screen[32];
char text[256]; char text[256];
char passwd_file[256]; char *passwd_file;
char ** pp1 = (char **)NULL; char ** pp1 = (char **)NULL;
struct session_chain * temp = (struct session_chain *)NULL; struct session_chain * temp = (struct session_chain *)NULL;
struct list * xserver_params = (struct list *)NULL; struct list * xserver_params = (struct list *)NULL;
@ -380,7 +380,8 @@ session_start_fork(int width, int height, int bpp, char* username,
g_memset(depth,0,sizeof(char) * 32); g_memset(depth,0,sizeof(char) * 32);
g_memset(screen,0,sizeof(char) * 32); g_memset(screen,0,sizeof(char) * 32);
g_memset(text,0,sizeof(char) * 256); g_memset(text,0,sizeof(char) * 256);
g_memset(passwd_file,0,sizeof(char) * 256);
passwd_file = 0;
/* check to limit concurrent sessions */ /* check to limit concurrent sessions */
if (g_session_count >= g_cfg->sess.max_sessions) if (g_session_count >= g_cfg->sess.max_sessions)
@ -512,7 +513,7 @@ session_start_fork(int width, int height, int bpp, char* username,
} }
else if (xpid == 0) /* child */ else if (xpid == 0) /* child */
{ {
env_set_user(username, passwd_file, display); env_set_user(username, &passwd_file, display);
env_check_password_file(passwd_file, password); env_check_password_file(passwd_file, password);
if (type == SESMAN_SESSION_TYPE_XVNC) if (type == SESMAN_SESSION_TYPE_XVNC)
{ {
@ -527,6 +528,7 @@ session_start_fork(int width, int height, int bpp, char* username,
list_add_item(xserver_params, (long)g_strdup(depth)); list_add_item(xserver_params, (long)g_strdup(depth));
list_add_item(xserver_params, (long)g_strdup("-rfbauth")); list_add_item(xserver_params, (long)g_strdup("-rfbauth"));
list_add_item(xserver_params, (long)g_strdup(passwd_file)); list_add_item(xserver_params, (long)g_strdup(passwd_file));
g_free(passwd_file);
/* additional parameters from sesman.ini file */ /* additional parameters from sesman.ini file */
//config_read_xserver_params(SESMAN_SESSION_TYPE_XVNC, //config_read_xserver_params(SESMAN_SESSION_TYPE_XVNC,
@ -550,6 +552,7 @@ session_start_fork(int width, int height, int bpp, char* username,
list_add_item(xserver_params, (long)g_strdup(geometry)); list_add_item(xserver_params, (long)g_strdup(geometry));
list_add_item(xserver_params, (long)g_strdup("-depth")); list_add_item(xserver_params, (long)g_strdup("-depth"));
list_add_item(xserver_params, (long)g_strdup(depth)); list_add_item(xserver_params, (long)g_strdup(depth));
g_free(passwd_file);
/* additional parameters from sesman.ini file */ /* additional parameters from sesman.ini file */
//config_read_xserver_params(SESMAN_SESSION_TYPE_XRDP, //config_read_xserver_params(SESMAN_SESSION_TYPE_XRDP,