1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
Description: Patch to allow usernames longer than 20 characters.
Source: http://www.mail-archive.com/screen-devel@gnu.org/msg00186.html
Author: Steve Kemp
Upstream-Bug: http://savannah.gnu.org/bugs/?21653
Debian-Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560231
Ubuntu-Bug: https://bugs.launchpad.net/ubuntu/+source/screen/+bug/582153
Index: screen/acconfig.h
===================================================================
--- screen.orig/acconfig.h 2011-10-08 21:20:48.000000000 +0200
+++ screen/acconfig.h 2011-10-08 21:20:57.000000000 +0200
@@ -39,6 +39,13 @@
#endif
/*
+ * Length of longest username.
+ */
+#ifndef MAX_USERNAME_LEN
+# define MAX_USERNAME_LEN 50
+#endif
+
+/*
* Define SOCKDIR to be the directory to contain the named sockets
* screen creates. This should be in a common subdirectory, such as
* /usr/local or /tmp. It makes things a little more secure if you
Index: screen/acls.c
===================================================================
--- screen.orig/acls.c 2011-10-08 21:20:48.000000000 +0200
+++ screen/acls.c 2011-10-08 21:20:57.000000000 +0200
@@ -182,7 +182,7 @@
#endif
(*up)->u_Esc = DefaultEsc;
(*up)->u_MetaEsc = DefaultMetaEsc;
- strncpy((*up)->u_name, name, 20);
+ strncpy((*up)->u_name, name, MAX_USERNAME_LEN);
(*up)->u_password = NULL;
if (pass)
(*up)->u_password = SaveStr(pass);
@@ -318,8 +318,8 @@
return UserAdd(name, pass, up);
if (!strcmp(name, "nobody")) /* he remains without password */
return -1;
- strncpy((*up)->u_password, pass ? pass : "", 20);
- (*up)->u_password[20] = '\0';
+ strncpy((*up)->u_password, pass ? pass : "", MAX_USERNAME_LEN);
+ (*up)->u_password[MAX_USERNAME_LEN] = '\0';
return 0;
}
#endif
Index: screen/acls.h
===================================================================
--- screen.orig/acls.h 2011-10-08 21:20:48.000000000 +0200
+++ screen/acls.h 2011-10-08 21:20:57.000000000 +0200
@@ -78,7 +78,7 @@
typedef struct acluser
{
struct acluser *u_next; /* continue the main user list */
- char u_name[20+1]; /* login name how he showed up */
+ char u_name[MAX_USERNAME_LEN+1]; /* login name how he showed up */
char *u_password; /* his password (may be NullStr). */
int u_checkpassword; /* nonzero if this u_password is valid */
int u_detachwin; /* the window where he last detached */
Index: screen/screen.c
===================================================================
--- screen.orig/screen.c 2011-10-08 21:20:56.000000000 +0200
+++ screen/screen.c 2011-10-08 21:20:57.000000000 +0200
@@ -997,7 +997,7 @@
if (home == 0 || *home == '\0')
home = ppp->pw_dir;
- if (strlen(LoginName) > 20)
+ if (strlen(LoginName) > MAX_USERNAME_LEN)
Panic(0, "LoginName too long - sorry.");
#ifdef MULTIUSER
if (multi && strlen(multi) > 20)
Index: screen/screen.h
===================================================================
--- screen.orig/screen.h 2011-10-08 21:20:48.000000000 +0200
+++ screen/screen.h 2011-10-08 21:20:57.000000000 +0200
@@ -207,7 +207,7 @@
create;
struct
{
- char auser[20 + 1]; /* username */
+ char auser[MAX_USERNAME_LEN + 1]; /* username */
int apid; /* pid of frontend */
int adaptflag; /* adapt window size? */
int lines, columns; /* display size */
@@ -221,13 +221,13 @@
attach;
struct
{
- char duser[20 + 1]; /* username */
+ char duser[MAX_USERNAME_LEN + 1]; /* username */
int dpid; /* pid of frontend */
}
detach;
struct
{
- char auser[20 + 1]; /* username */
+ char auser[MAX_USERNAME_LEN + 1]; /* username */
int nargs;
char cmd[MAXPATHLEN]; /* command */
int apid; /* pid of frontend */
|
