utmp-wtmp: don't try to read past end of string

[elogind.git] / src / shared / utmp-wtmp.c

diff --git a/src/shared/utmp-wtmp.c b/src/shared/utmp-wtmp.c
index 6bba325d3ecc25ebcaf9fde3e621889084d10887..8717dbac2d06161cba09989bdbc2102b6d4def5e 100644 (file)
--- a/src/shared/utmp-wtmp.c
+++ b/src/shared/utmp-wtmp.c
@@ -29,6 +29,7 @@
 #include <sys/poll.h>
 
 #include "macro.h"
+#include "path-util.h"
 #include "utmp-wtmp.h"
 
 int utmp_get_runlevel(int *runlevel, int *previous) {
@@ -224,7 +225,7 @@ int utmp_put_init_process(const char *id, pid_t pid, pid_t sid, const char *line
         strncpy(store.ut_id, sanitize_id(id), sizeof(store.ut_id));
 
         if (line)
-                strncpy(store.ut_line, file_name_from_path(line), sizeof(store.ut_line));
+                strncpy(store.ut_line, path_get_file_name(line), sizeof(store.ut_line));
 
         return write_entry_both(&store);
 }
@@ -402,10 +403,12 @@ int utmp_wall(const char *message, bool (*match_tty)(const char *tty)) {
                 if (u->ut_type != USER_PROCESS || u->ut_user[0] == 0)
                         continue;
 
+                /* this access is fine, because strlen("/dev/") << 32 (UT_LINESIZE) */
                 if (path_startswith(u->ut_line, "/dev/"))
                         path = u->ut_line;
                 else {
-                        if (asprintf(&buf, "/dev/%s", u->ut_line) < 0) {
+                        if (asprintf(&buf, "/dev/%.*s",
+                                     sizeof(u->ut_line), u->ut_line) < 0) {
                                 r = -ENOMEM;
                                 goto finish;
                         }