summaryrefslogtreecommitdiff
path: root/src/passwd
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2011-02-14 21:15:07 -0500
committerRich Felker <dalias@aerifal.cx>2011-02-14 21:15:07 -0500
commit976f42d1f15c135e4e0dd79eb6168b67c2ec6492 (patch)
tree3ddd833f3a2b5a741d19555e628ab63f6f371506 /src/passwd
parentca1aa5bae951dfd8ea85341609266688ec776482 (diff)
downloadmusl-976f42d1f15c135e4e0dd79eb6168b67c2ec6492.tar.gz
guard against hard links to non-ordinary-files when reading tcb shadow
Diffstat (limited to 'src/passwd')
-rw-r--r--src/passwd/getspnam_r.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/src/passwd/getspnam_r.c b/src/passwd/getspnam_r.c
index 1dd39ce0..d21ca810 100644
--- a/src/passwd/getspnam_r.c
+++ b/src/passwd/getspnam_r.c
@@ -1,5 +1,6 @@
#include <fcntl.h>
#include <unistd.h>
+#include <sys/stat.h>
#include "pwf.h"
/* This implementation support Openwall-style TCB passwords in place of
@@ -34,8 +35,9 @@ int getspnam_r(const char *name, struct spwd *sp, char *buf, size_t size, struct
fd = open(path, O_RDONLY|O_NOFOLLOW|O_NONBLOCK);
if (fd >= 0) {
- f = fdopen(fd, "rb");
- if (!f) {
+ struct stat st = { 0 };
+ errno = EINVAL;
+ if (fstat(fd, &st) || !S_ISREG(st.st_mode) || !(f = fdopen(fd, "rb"))) {
close(fd);
return errno;
}