From b6036e23b0477be147211b4e21a6b49cd4d6c9a0 Mon Sep 17 00:00:00 2001 From: Jamie Bainbridge Date: Wed, 8 Sep 2021 12:08:17 +1000 Subject: [PATCH] gutils: Avoid segfault in g_get_user_database_entry g_get_user_database_entry() uses variable pwd to store the contents of the call to getpwnam_r(), then capitalises the first letter of pw_name with g_ascii_toupper (pw->pw_name[0]). However, as per the getpwnam manpage, the result of that call "may point to a static area". When this happens, GLib is trying to edit static memory which belongs to a shared library, so segfaults. Instead, copy pw_name off to a temporary variable, set uppercase on that variable, and use the variable to join into the desired string. Free the new variable after it is no longer needed. Signed-off-by: Jamie Bainbridge --- glib/gutils.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/glib/gutils.c b/glib/gutils.c index b7a2113d4..4bccd7229 100644 --- a/glib/gutils.c +++ b/glib/gutils.c @@ -692,14 +692,17 @@ g_get_user_database_entry (void) { gchar **gecos_fields; gchar **name_parts; + gchar *uppercase_pw_name; /* split the gecos field and substitute '&' */ gecos_fields = g_strsplit (pw->pw_gecos, ",", 0); name_parts = g_strsplit (gecos_fields[0], "&", 0); - pw->pw_name[0] = g_ascii_toupper (pw->pw_name[0]); - e.real_name = g_strjoinv (pw->pw_name, name_parts); + uppercase_pw_name = g_strdup (pw->pw_name); + uppercase_pw_name[0] = g_ascii_toupper (uppercase_pw_name[0]); + e.real_name = g_strjoinv (uppercase_pw_name, name_parts); g_strfreev (gecos_fields); g_strfreev (name_parts); + g_free (uppercase_pw_name); } #endif -- GitLab