Bug 952 - login_init_entry: Cannot find user when username length is 64
Summary: login_init_entry: Cannot find user when username length is 64
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd (show other bugs)
Version: 3.9p1
Hardware: All Linux
: P4 minor
Assignee: OpenSSH Bugzilla mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-11-12 02:50 AEDT by Brian Hamon
Modified: 2006-10-07 11:37 AEST (History)
0 users

See Also:

Attachments
One-line change. Unit tested on Linux. (482 bytes, patch)
2004-11-12 04:58 AEDT, Brian Hamon 		dtucker: ok+
Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Brian Hamon 2004-11-12 02:50:10 AEDT 
struct logininfo (loginrec.h) defines LINFO_NAMESIZE to 64. The call to strlcpy 
on loginrec.c line 357 will truncate the 64th character. When a user logs in 
with a username of exactly 64 characters, the following error message is 
displayed:

login_init_entry: Cannot find 
user "testlengthtestlengthtestlengthtestlengthtestlengthtestlengthtes"
Comment 1 Brian Hamon 2004-11-12 04:58:01 AEDT 
Created attachment 739 [details]
One-line change. Unit tested on Linux.

65 probably would have worked, I added 8 to keep the alignment of subsequent
fields.
Comment 2 Darren Tucker 2005-01-20 21:39:40 AEDT 
Comment on attachment 739 [details]
One-line change. Unit tested on Linux.

Seems reasonable to me, all of the references in loginrec.c are limited by
sizeof(li->username).
Objections?
Comment 3 Damien Miller 2005-01-20 21:54:35 AEDT 
I think we should probably round it up to the nearest power of two, but I agree: ok.
Comment 4 Darren Tucker 2005-01-20 22:08:28 AEDT 
Thanks, applied (increased to 128 bytes).
Comment 5 Darren Tucker 2006-10-07 11:37:53 AEST 
Change all RESOLVED bug to CLOSED with the exception of the ones fixed post-4.4.