Open MarcinDigitic opened 2 months ago
During coverity scan, there is reported an issue with unbounded source buffer for each usage of input arg directly with syslog function.
Please paste such a Coverity scan report in the commit message. It would be helpful when reviewing.
Can you please rebase the branch?
Edit: I've done it myself for you.
v1b:
$ git range-diff md/master..md/topic/coverity/fix_unbound_input_buffer shadow/master..989
1: a90453e6 = 1: bb741102 Fix coverity unbound buffer issues
Please address the issues raised.
I've converted your PR to draft, since it's not ready for review. Please address the comments.
Fix coverity unbound buffer issues
During coverity scan, there are reported four issues with unbounded source buffer for each usage of input arg directly with syslog function.
Sample coverity test report for chsh.c file:
Similar issue is reported three times more: File: chfn.c, function: main, variable: user File: passwd.c, function: main, variable: name File: newgrp.c, function: main, variable: group
The proposed commit is a try to fix the reported issues by adding a check for a valid user or group names.