59 lines
1.5 KiB
Plaintext
59 lines
1.5 KiB
Plaintext
$OpenBSD: patch-common_d_util_c,v 1.3 2001/08/08 23:31:23 naddy Exp $
|
|
--- common_d/util.c.orig Sat Feb 5 08:26:22 2000
|
|
+++ common_d/util.c Wed Aug 8 01:32:14 2001
|
|
@@ -491,13 +491,20 @@ util_loginname(void)
|
|
}
|
|
endpwent();
|
|
|
|
- /* Try the LOGNAME environment variable */
|
|
+ /*
|
|
+ ** Never ever use environment variables for that. :-)
|
|
+ ** that leads to buffer overflows in other parts of the code
|
|
+ ** thomas@suse.de
|
|
+
|
|
+ /* Try the LOGNAME environment variable
|
|
if ((cp = (char *) getenv("LOGNAME")) != NULL)
|
|
return (cp);
|
|
|
|
- /* Try the USER environment variable */
|
|
+ /* Try the USER environment variable
|
|
if ((cp = (char *) getenv("USER")) != NULL)
|
|
return (cp);
|
|
+ */
|
|
+
|
|
#endif
|
|
/* If we still can't get the login name, just set it
|
|
* to "nobody" (shrug).
|
|
@@ -531,13 +538,20 @@ util_homedir(uid_t uid)
|
|
}
|
|
endpwent();
|
|
|
|
- /* Try the HOME environment variable */
|
|
+
|
|
+ /*
|
|
+ ** Never ever use environment variables for that. :-)
|
|
+ ** that leads to buffer overflows in other parts of the code
|
|
+ ** thomas@suse.de
|
|
+
|
|
+ /* Try the HOME environment variable
|
|
if (uid == ouid && (cp = (char *) getenv("HOME")) != NULL)
|
|
return (cp);
|
|
|
|
- /* If we still can't get the home directory, just set it to the
|
|
+ * If we still can't get the home directory, just set it to the
|
|
* current directory (shrug).
|
|
*/
|
|
+
|
|
return (".");
|
|
#else
|
|
char *cp;
|
|
@@ -623,7 +637,7 @@ util_mkdir(char *path, mode_t mode)
|
|
*/
|
|
if (stat(path, &stbuf) < 0) {
|
|
if (errno == ENOENT) {
|
|
- if (mkdir(path, 0777) < 0)
|
|
+ if (mkdir(path, 0700) < 0)
|
|
return FALSE;
|
|
}
|
|
else
|