cron: use existing maximum username constant MAXLOGNAME

Previously cron had its own maximum username length limit, which was
smaller than the system's MAXLOGNAME. This could lead to crontab -u
updating the wrong user's crontab (if the name was truncated, and
matched another user).

PR:		212305
Reported by:	Andrii Kuzik
Reviewed by:	allanjude, jilles
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7747
This commit is contained in:
emaste 2016-09-02 03:15:54 +00:00
parent 46f531e66b
commit 2c87363999
2 changed files with 2 additions and 2 deletions

View File

@ -73,7 +73,6 @@
#define MAX_COMMAND 1000 /* max length of internally generated cmd */
#define MAX_ENVSTR 1000 /* max length of envvar=value\0 strings */
#define MAX_TEMPSTR 100 /* obvious */
#define MAX_UNAME 20 /* max length of username, should be overkill */
#define ROOT_UID 0 /* don't change this, it really must be root */
#define ROOT_USER "root" /* ditto */
#define SYS_NAME "*system*" /* magic owner name for system crontab */

View File

@ -28,6 +28,7 @@ static const char rcsid[] =
#define MAIN_PROGRAM
#include <sys/param.h>
#include "cron.h"
#include <errno.h>
#include <fcntl.h>
@ -57,7 +58,7 @@ static char *Options[] = { "???", "list", "delete", "edit", "replace" };
static PID_T Pid;
static char User[MAX_UNAME], RealUser[MAX_UNAME];
static char User[MAXLOGNAME], RealUser[MAXLOGNAME];
static char Filename[MAX_FNAME];
static FILE *NewCrontab;
static int CheckErrorCount;