[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Building on Mac OS X (was Re: a quick mailutils question)
From: |
Sergey Poznyakoff |
Subject: |
Re: Building on Mac OS X (was Re: a quick mailutils question) |
Date: |
Wed, 01 May 2002 15:06:53 +0300 |
> Well, it strikes me the whole function can be replaced with:
[...]
No, it cannot. The function is run from the daemon, the file
descriptor 0 is associated with the input socket, thus isatty(0) will
always return 0, and the proposed replacement function will always
return NOT_HERE. The purpose of find_user is to find the tty which
has less idle time, i.e. the tty where the user is currently
working. So it has to scan the utmp database.
> This is
> also much shorter. ;-)
But completely non-functional :^)
> Also, note that you have a potential buffer overflow in this function
> as it exists. It may not be terribly useful, but if someone were able
> to, say, create a symlink to /dev/tty0 called something like
>
> this_is_my_really_long_file_name_for_slash_dev_slash_tty0_in_my_home_directory
>
> and then manage to open that as the controlling tty, your function
> would (maybe) overflow the char *tty. I don't know if this is
> possible
Hardly. On input to this function tty is guaranteed to have
MAX_TTY_SIZE, which is the size of the automatic ftty. While
operating on ftty its length is controlled, so at the point
of doing strcpy(tty, ftty), ftty will contain at most MAX_TTY_SIZE-1
bytes. The only dubious point is
sprintf (ftty, "%s/", PATH_TTY_PFX);
(if the length of PATH_TTY_PFX happens to be > MAX_TTY_SIZE-2. But
that's impossible).
Regards,
Sergey