From nobody@FreeBSD.org  Thu Sep 20 17:38:57 2012
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D55CA106564A
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 20 Sep 2012 17:38:57 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id 918478FC16
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 20 Sep 2012 17:38:52 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.5/8.14.5) with ESMTP id q8KHccsV029450
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 20 Sep 2012 17:38:38 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.5/8.14.5/Submit) id q8KHccbI029449;
	Thu, 20 Sep 2012 17:38:38 GMT
	(envelope-from nobody)
Message-Id: <201209201738.q8KHccbI029449@red.freebsd.org>
Date: Thu, 20 Sep 2012 17:38:38 GMT
From: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: run_file in atrun does not allocate enough space for fmt
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         171815
>Category:       bin
>Synopsis:       run_file in atrun does not allocate enough space for fmt
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    jilles
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Sep 20 17:40:03 UTC 2012
>Closed-Date:    Mon Oct 08 14:29:14 UTC 2012
>Last-Modified:  Mon Oct 08 14:29:14 UTC 2012
>Originator:     Jeremy Huddleston Sequoia
>Release:        HEAD
>Organization:
Apple Inc
>Environment:
OS X
>Description:
src/libexec/atrun/atrun.c does the following:

static void
run_file(const char *filename, uid_t uid, gid_t gid)
{
..
    char mailbuf[MAXLOGNAME], fmt[49];
..
    snprintf(fmt, sizeof(fmt),
	"#!/bin/sh\n# atrun uid=%%ld gid=%%ld\n# mail %%%ds %%d",
                          MAXLOGNAME - 1);
..

The problem is that the string being written is can be more than 48 characters long.  Indeed if MAXLOGNAME is 255, we need 50 bytes to hold the string.

This results in atrun erring out on systems where MAXLOGNAME > 100.
>How-To-Repeat:

>Fix:
Index: atrun.c
===================================================================
--- atrun.c	(revision 3476)
+++ atrun.c	(working copy)
@@ -123,7 +123,7 @@
     pid_t pid;
     int fd_out, fd_in;
     int queue;
-    char mailbuf[MAXLOGNAME], fmt[49];
+    char mailbuf[MAXLOGNAME], fmt[64];
     char *mailname = NULL;
     FILE *stream;
     int send_mail = 0;


>Release-Note:
>Audit-Trail:

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/171815: commit references a PR
Date: Wed, 26 Sep 2012 20:47:54 +0000 (UTC)

 Author: jilles
 Date: Wed Sep 26 20:47:39 2012
 New Revision: 240974
 URL: http://svn.freebsd.org/changeset/base/240974
 
 Log:
   atrun: Do not assume that MAXLOGNAME <= 100.
   
   The reserved space for fmt was exactly sufficient for a two-digit value of
   MAXLOGNAME - 1.
   
   PR:		bin/171815
   Submitted by:	Jeremy Huddleston Sequoia
   MFC after:	1 week
 
 Modified:
   head/libexec/atrun/atrun.c
 
 Modified: head/libexec/atrun/atrun.c
 ==============================================================================
 --- head/libexec/atrun/atrun.c	Wed Sep 26 20:16:15 2012	(r240973)
 +++ head/libexec/atrun/atrun.c	Wed Sep 26 20:47:39 2012	(r240974)
 @@ -123,7 +123,7 @@ run_file(const char *filename, uid_t uid
      pid_t pid;
      int fd_out, fd_in;
      int queue;
 -    char mailbuf[MAXLOGNAME], fmt[49];
 +    char mailbuf[MAXLOGNAME], fmt[64];
      char *mailname = NULL;
      FILE *stream;
      int send_mail = 0;
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->patched 
State-Changed-By: jilles 
State-Changed-When: Wed Sep 26 20:50:38 UTC 2012 
State-Changed-Why:  
Committed, thanks! 


Responsible-Changed-From-To: freebsd-bugs->jilles 
Responsible-Changed-By: jilles 
Responsible-Changed-When: Wed Sep 26 20:50:38 UTC 2012 
Responsible-Changed-Why:  
Take. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=171815 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/171815: commit references a PR
Date: Fri,  5 Oct 2012 14:44:00 +0000 (UTC)

 Author: jilles
 Date: Fri Oct  5 14:43:49 2012
 New Revision: 241226
 URL: http://svn.freebsd.org/changeset/base/241226
 
 Log:
   MFC r240974: atrun: Do not assume that MAXLOGNAME <= 100.
   
   The reserved space for fmt was exactly sufficient for a two-digit value of
   MAXLOGNAME - 1.
   
   PR:		bin/171815
   Submitted by:	Jeremy Huddleston Sequoia
 
 Modified:
   stable/9/libexec/atrun/atrun.c
 Directory Properties:
   stable/9/libexec/atrun/   (props changed)
 
 Modified: stable/9/libexec/atrun/atrun.c
 ==============================================================================
 --- stable/9/libexec/atrun/atrun.c	Fri Oct  5 14:42:38 2012	(r241225)
 +++ stable/9/libexec/atrun/atrun.c	Fri Oct  5 14:43:49 2012	(r241226)
 @@ -123,7 +123,7 @@ run_file(const char *filename, uid_t uid
      pid_t pid;
      int fd_out, fd_in;
      int queue;
 -    char mailbuf[MAXLOGNAME], fmt[49];
 +    char mailbuf[MAXLOGNAME], fmt[64];
      char *mailname = NULL;
      FILE *stream;
      int send_mail = 0;
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/171815: commit references a PR
Date: Mon,  8 Oct 2012 14:05:20 +0000 (UTC)

 Author: jilles
 Date: Mon Oct  8 14:05:00 2012
 New Revision: 241350
 URL: http://svn.freebsd.org/changeset/base/241350
 
 Log:
   MFC r240974: atrun: Do not assume that MAXLOGNAME <= 100.
   
   The reserved space for fmt was exactly sufficient for a two-digit value of
   MAXLOGNAME - 1.
   
   PR:		bin/171815
   Submitted by:	Jeremy Huddleston Sequoia
 
 Modified:
   stable/8/libexec/atrun/atrun.c
 Directory Properties:
   stable/8/libexec/atrun/   (props changed)
 
 Modified: stable/8/libexec/atrun/atrun.c
 ==============================================================================
 --- stable/8/libexec/atrun/atrun.c	Mon Oct  8 13:45:40 2012	(r241349)
 +++ stable/8/libexec/atrun/atrun.c	Mon Oct  8 14:05:00 2012	(r241350)
 @@ -130,7 +130,7 @@ run_file(const char *filename, uid_t uid
      pid_t pid;
      int fd_out, fd_in;
      int queue;
 -    char mailbuf[LOGNAMESIZE + 1], fmt[49];
 +    char mailbuf[LOGNAMESIZE + 1], fmt[64];
      char *mailname = NULL;
      FILE *stream;
      int send_mail = 0;
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: patched->closed 
State-Changed-By: jilles 
State-Changed-When: Mon Oct 8 14:29:13 UTC 2012 
State-Changed-Why:  
Merged to stable/9 and stable/8. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=171815 
>Unformatted:
