From fcc0463a3eb858fe9412a88b821dfd75134046cb Mon Sep 17 00:00:00 2001 From: Dimitri Papadopoulos <3350651-DimitriPapadopoulos@users.noreply.gitlab.com> Date: Tue, 25 Apr 2023 13:22:46 +0300 Subject: [PATCH] Get rid of non-reentrant functions Because we know the code in `main.c` is executed in a single-threaded environment, we don't need to modify non-reentant functions in this file, unless some linter complains in the future: * localtime() * getpwnam() The only remaining non-entrant function is: * getpwuid() Using constant 2049 instead of sysconf(_SC_GETPW_R_SIZE_MAX) might not be the best idea. I want to avoid dynamic allocation. On Ubuntu 18.04, sysconf(_SC_GETPW_R_SIZE_MAX) is 1024, so 2049 "ought to be enough". Signed-off-by: Dimitri Papadopoulos <3350651-DimitriPapadopoulos@users.noreply.gitlab.com> --- auth.c | 13 +++++++------ main.c | 2 +- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/auth.c b/auth.c index 317fc218..a449cfc0 100644 --- a/auth.c +++ b/auth.c @@ -1114,7 +1114,8 @@ int set_csd_user(struct openconnect_info *vpninfo) setsid(); if (vpninfo->uid_csd_given && vpninfo->uid_csd != getuid()) { - struct passwd *pw; + struct passwd pwd, *result; + char buffer[2049]; /* should be sysconf(_SC_GETPW_R_SIZE_MAX) */ int err; if (setgid(vpninfo->gid_csd)) { @@ -1138,17 +1139,17 @@ int set_csd_user(struct openconnect_info *vpninfo) return -err; } - if (!(pw = getpwuid(vpninfo->uid_csd))) { - err = errno; + if ((err = getpwuid_r(vpninfo->uid_csd, &pwd, buffer, sizeof(buffer), + &result)) || !result) { fprintf(stderr, _("Invalid user uid=%ld: %s\n"), (long)vpninfo->uid_csd, strerror(err)); return -err; } - setenv("HOME", pw->pw_dir, 1); - if (chdir(pw->pw_dir)) { + setenv("HOME", result->pw_dir, 1); + if (chdir(result->pw_dir)) { err = errno; fprintf(stderr, _("Failed to change to CSD home directory '%s': %s\n"), - pw->pw_dir, strerror(err)); + result->pw_dir, strerror(err)); return -err; } } diff --git a/main.c b/main.c index b7179a2e..b02e8e02 100644 --- a/main.c +++ b/main.c @@ -1586,7 +1586,7 @@ static void print_connection_info(struct openconnect_info *vpninfo) dtls_state); if (vpninfo->auth_expiration != 0) { char buf[80]; - struct tm *tm = localtime(&&vpninfo->auth_expiration); + struct tm *tm = localtime(&vpninfo->auth_expiration); strftime(buf, 80, "%a, %d %b %Y %H:%M:%S %Z", tm); vpn_progress(vpninfo, PRG_INFO, _("Session authentication will expire at %s\n"), -- 2.50.1