From 976f42d1f15c135e4e0dd79eb6168b67c2ec6492 Mon Sep 17 00:00:00 2001
From: Rich Felker <dalias@aerifal.cx>
Date: Mon, 14 Feb 2011 21:15:07 -0500
Subject: guard against hard links to non-ordinary-files when reading tcb
 shadow

---
 src/passwd/getspnam_r.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'src/passwd')

diff --git a/src/passwd/getspnam_r.c b/src/passwd/getspnam_r.c
index 1dd39ce0..d21ca810 100644
--- a/src/passwd/getspnam_r.c
+++ b/src/passwd/getspnam_r.c
@@ -1,5 +1,6 @@
 #include <fcntl.h>
 #include <unistd.h>
+#include <sys/stat.h>
 #include "pwf.h"
 
 /* This implementation support Openwall-style TCB passwords in place of
@@ -34,8 +35,9 @@ int getspnam_r(const char *name, struct spwd *sp, char *buf, size_t size, struct
 
 	fd = open(path, O_RDONLY|O_NOFOLLOW|O_NONBLOCK);
 	if (fd >= 0) {
-		f = fdopen(fd, "rb");
-		if (!f) {
+		struct stat st = { 0 };
+		errno = EINVAL;
+		if (fstat(fd, &st) || !S_ISREG(st.st_mode) || !(f = fdopen(fd, "rb"))) {
 			close(fd);
 			return errno;
 		}
-- 
cgit v1.2.1