guard against hard links to non-ordinary-files when reading tcb shadow

976f42d1 · Rich Felker · ca1aa5ba · 976f42d1
隐藏空白更改
内联并排

Showing with 4 addition and 2 deletion

src/passwd/getspnam_r.c src/passwd/getspnam_r.c +4 -2

未找到文件。
--- a/src/passwd/getspnam_r.c
+++ b/src/passwd/getspnam_r.c
 #include <fcntl.h>
 #include <unistd.h>
+#include <sys/stat.h>
 #include "pwf.h"
 /* This implementation support Openwall-style TCB passwords in place of
@@ -34,8 +35,9 @@ int getspnam_r(const char *name, struct spwd *sp, char *buf, size_t size, struct
 	fd = open(path, O_RDONLY|O_NOFOLLOW|O_NONBLOCK);
 	if (fd >= 0) {
-		f = fdopen(fd, "rb");
+		struct stat st = { 0 };
-		if (!f) {
+		errno = EINVAL;
+		if (fstat(fd, &st) || !S_ISREG(st.st_mode) || !(f = fdopen(fd, "rb"))) {
 			close(fd);
 			return errno;
 		}