From 8322d5f82cdb20c115005ffebb5b8853324cd25b Mon Sep 17 00:00:00 2001 From: Jonas 'Sortie' Termansen Date: Wed, 4 Feb 2015 17:07:13 +0100 Subject: [PATCH] Fix getlogin_r memory leak. --- libc/unistd/getlogin_r.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/libc/unistd/getlogin_r.cpp b/libc/unistd/getlogin_r.cpp index b29ea940..4140e80d 100644 --- a/libc/unistd/getlogin_r.cpp +++ b/libc/unistd/getlogin_r.cpp @@ -38,6 +38,7 @@ extern "C" int getlogin_r(char* buf, size_t size) size_t pwdbuflen = 0; do { + // TODO: Potential overflow. size_t new_pwdbuflen = pwdbuflen ? 2 * pwdbuflen : 64; char* new_pwdbuf = (char*) realloc(pwdbuf, new_pwdbuflen); if ( !new_pwdbuf ) @@ -50,10 +51,9 @@ extern "C" int getlogin_r(char* buf, size_t size) return free(pwdbuf), errno = errnum, -1; const char* username = passwd->pw_name; - size_t username_len = strlen(username); - if ( size < (username_len + 1) * sizeof(char) ) + if ( size <= strlcpy(buf, username, size) ) return free(pwdbuf), errno = ERANGE, -1; - strcpy(buf, username); + free(pwdbuf); return 0; }