summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlejandro Colomar <alx@kernel.org>2024-03-07 23:38:48 +0100
committerAlejandro Colomar <alx@kernel.org>2024-03-08 17:42:18 +0100
commit39192107a6afcd3fbe2f37eae3ab604a047f87ee (patch)
treef7902eaf0b4c070138a03d5853f7903cdbee0a3d
parent470d6be230c71a52170ac1775dc57ef502e93f95 (diff)
src/vipw.c: Use string literals to initialize 'Prog'
This avoids using argv[0], which is controlled by the user, and might inject arbitrary text in stderr and the logs. Link: <https://github.com/shadow-maint/shadow/issues/959> Link: <https://github.com/shadow-maint/shadow/pull/960> Cc: "Skyler Ferrante (RIT Student)" <sjf5462@rit.edu> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Karel Zak <kzak@redhat.com> Cc: Iker Pedrosa <ipedrosa@redhat.com> Cc: Christian Brauner <christian@brauner.io> Cherry-picked-from: 89c4da43cbe8 ("src/vipw.c: Use string literals to initialize 'Prog'") Link: <https://github.com/shadow-maint/shadow/pull/962> Signed-off-by: Alejandro Colomar <alx@kernel.org>
Diffstat
-rw-r--r--src/vipw.c10
1 files changed, 5 insertions, 5 deletions
diff --git a/src/vipw.c b/src/vipw.c
index 70dce7ae..35f3b6bd 100644
--- a/src/vipw.c
+++ b/src/vipw.c
@@ -52,7 +52,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char *Prog;
static const char *filename, *fileeditname;
static bool filelocked = false;
@@ -472,7 +472,9 @@ int main (int argc, char **argv)
bool editshadow = false;
bool do_vigr;
- Prog = Basename (argv[0]);
+ do_vigr = (strcmp(Basename(argv[0]), "vigr") == 0);
+
+ Prog = do_vigr ? "vigr" : "vipw";
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -482,9 +484,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
- do_vigr = (strcmp(Prog, "vigr") == 0);
-
- OPENLOG(do_vigr ? "vigr" : "vipw");
+ OPENLOG(Prog);
{
/*
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-18 04:31:37 +0000