hush: tighten up "for" variable name check.

[oweals/busybox.git] / libbb / login.c

diff --git a/libbb/login.c b/libbb/login.c
index 6ebb9a6a0c577250207a9e5a4ac51ba16ee825a8..b3e199ce42e8c120de68437edf9c9de35b28ed48 100644 (file)
--- a/libbb/login.c
+++ b/libbb/login.c
@@ -10,21 +10,17 @@
  */
 
 #include <sys/param.h>  /* MAXHOSTNAMELEN */
-#include <stdio.h>
-#include <unistd.h>
-#include "libbb.h"
-
 #include <sys/utsname.h>
-#include <time.h>
+#include "libbb.h"
 
 #define LOGIN " login: "
 
-static const char fmtstr_d[] = "%A, %d %B %Y";
-static const char fmtstr_t[] = "%H:%M:%S";
+static const char fmtstr_d[] ALIGN1 = "%A, %d %B %Y";
+static const char fmtstr_t[] ALIGN1 = "%H:%M:%S";
 
-void print_login_issue(const char *issue_file, const char *tty)
+void FAST_FUNC print_login_issue(const char *issue_file, const char *tty)
 {
-       FILE *fd;
+       FILE *fp;
        int c;
        char buf[256+1];
        const char *outbuf;
@@ -36,24 +32,25 @@ void print_login_issue(const char *issue_file, const char *tty)
 
        puts("\r");     /* start a new line */
 
-       fd = fopen(issue_file, "r");
-       if (!fd)
+       fp = fopen_for_read(issue_file);
+       if (!fp)
                return;
-       while ((c = fgetc(fd)) != EOF) {
+       while ((c = fgetc(fp)) != EOF) {
                outbuf = buf;
                buf[0] = c;
                buf[1] = '\0';
-               if(c == '\n') {
+               if (c == '\n') {
                        buf[1] = '\r';
                        buf[2] = '\0';
                }
                if (c == '\\' || c == '%') {
-                       c = fgetc(fd);
+                       c = fgetc(fp);
                        switch (c) {
                        case 's':
                                outbuf = uts.sysname;
                                break;
                        case 'n':
+                       case 'h':
                                outbuf = uts.nodename;
                                break;
                        case 'r':
@@ -67,8 +64,7 @@ void print_login_issue(const char *issue_file, const char *tty)
                                break;
                        case 'D':
                        case 'o':
-                               c = getdomainname(buf, sizeof(buf) - 1);
-                               buf[c >= 0 ? c : 0] = '\0';
+                               outbuf = uts.domainname;
                                break;
                        case 'd':
                                strftime(buf, sizeof(buf), fmtstr_d, localtime(&t));
@@ -76,10 +72,6 @@ void print_login_issue(const char *issue_file, const char *tty)
                        case 't':
                                strftime(buf, sizeof(buf), fmtstr_t, localtime(&t));
                                break;
-                       case 'h':
-                               gethostname(buf, sizeof(buf) - 1);
-                               buf[sizeof(buf) - 1] = '\0';
-                               break;
                        case 'l':
                                outbuf = tty;
                                break;
@@ -89,17 +81,49 @@ void print_login_issue(const char *issue_file, const char *tty)
                }
                fputs(outbuf, stdout);
        }
-       fclose(fd);
+       fclose(fp);
        fflush(stdout);
 }
 
-void print_login_prompt(void)
+void FAST_FUNC print_login_prompt(void)
 {
-       char buf[MAXHOSTNAMELEN+1];
-
-       if (gethostname(buf, MAXHOSTNAMELEN) == 0)
-               fputs(buf, stdout);
+       char *hostname = safe_gethostname();
 
+       fputs(hostname, stdout);
        fputs(LOGIN, stdout);
        fflush(stdout);
+       free(hostname);
+}
+
+/* Clear dangerous stuff, set PATH */
+static const char forbid[] ALIGN1 =
+       "ENV" "\0"
+       "BASH_ENV" "\0"
+       "HOME" "\0"
+       "IFS" "\0"
+       "SHELL" "\0"
+       "LD_LIBRARY_PATH" "\0"
+       "LD_PRELOAD" "\0"
+       "LD_TRACE_LOADED_OBJECTS" "\0"
+       "LD_BIND_NOW" "\0"
+       "LD_AOUT_LIBRARY_PATH" "\0"
+       "LD_AOUT_PRELOAD" "\0"
+       "LD_NOWARN" "\0"
+       "LD_KEEPDIR" "\0";
+
+int FAST_FUNC sanitize_env_if_suid(void)
+{
+       const char *p;
+
+       if (getuid() == geteuid())
+               return 0;
+
+       p = forbid;
+       do {
+               unsetenv(p);
+               p += strlen(p) + 1;
+       } while (*p);
+       putenv((char*)bb_PATH_root_path);
+
+       return 1; /* we indeed were run by different user! */
 }