From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 9 Jul 2014 17:21:42 +0000 (+0200)
Subject: sysusers: don't allow control characters in gecos fields
X-Git-Tag: v216~689
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=38c74dad1c3d605018e61074e0b80f6b9523b1c8

sysusers: don't allow control characters in gecos fields
---

diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
index 40a669725..129493a1e 100644
--- a/src/sysusers/sysusers.c
+++ b/src/sysusers/sysusers.c
@@ -1107,7 +1107,11 @@ static bool valid_gecos(const char *d) {
         if (!utf8_is_valid(d))
                 return false;
 
-        if (strpbrk(d, ":\n"))
+        if (string_has_cc(d, NULL))
+                return false;
+
+        /* Colons are used as field separators, and hence not OK */
+        if (strchr(d, ':'))
                 return false;
 
         return true;