diff options
| author | mouring <mouring> | 2001-10-03 17:55:26 +0000 |
|---|---|---|
| committer | mouring <mouring> | 2001-10-03 17:55:26 +0000 |
| commit | 0bb45ed2201b10f51e16294acf1eb3764a0ad5ca (patch) | |
| tree | 1acf33352ac527afb67a01699b68b7374c4fd42f /auth.c | |
| parent | ba006c8d772587749d41162dbab897d7f37e7623 (diff) | |
| download | openssh-0bb45ed2201b10f51e16294acf1eb3764a0ad5ca.tar.gz | |
- markus@cvs.openbsd.org 2001/10/03 10:01:20
[auth.c]
use realpath() for homedir, too. from jinmei@isl.rdc.toshiba.co.jp
Diffstat (limited to 'auth.c')
| -rw-r--r-- | auth.c | 11 |
1 files changed, 8 insertions, 3 deletions
@@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.27 2001/07/11 18:26:15 markus Exp $"); +RCSID("$OpenBSD: auth.c,v 1.28 2001/10/03 10:01:20 markus Exp $"); #ifdef HAVE_LOGIN_H #include <login.h> @@ -363,7 +363,7 @@ secure_filename(FILE *f, const char *file, struct passwd *pw, char *err, size_t errlen) { uid_t uid = pw->pw_uid; - char buf[MAXPATHLEN]; + char buf[MAXPATHLEN], homedir[MAXPATHLEN]; char *cp; struct stat st; @@ -372,6 +372,11 @@ secure_filename(FILE *f, const char *file, struct passwd *pw, strerror(errno)); return -1; } + if (realpath(pw->pw_dir, homedir) == NULL) { + snprintf(err, errlen, "realpath %s failed: %s", pw->pw_dir, + strerror(errno)); + return -1; + } /* check the open file to avoid races */ if (fstat(fileno(f), &st) < 0 || @@ -400,7 +405,7 @@ secure_filename(FILE *f, const char *file, struct passwd *pw, } /* If are passed the homedir then we can stop */ - if (strcmp(pw->pw_dir, buf) == 0) { + if (strcmp(homedir, buf) == 0) { debug3("secure_filename: terminating check at '%s'", buf); break; |