From 85c13a8c3bb1dac4bd505bbf2a60fc72ea2d18b2 Mon Sep 17 00:00:00 2001
From: Matthias Gerstner <matthias.gerstner@suse.com>
Date: Tue, 3 Aug 2021 09:01:48 -0600
Subject: [PATCH 2/4] Hardening to protect against malicous usernames
---
src/gpupdate.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/gpupdate.c b/src/gpupdate.c
index a7480a1..dce3e5e 100644
--- a/src/gpupdate.c
+++ b/src/gpupdate.c
@@ -114,6 +114,12 @@ gpupdate(const char *user, int flags)
2) not an empty string
3) not already there */
if (user != NULL) {
+ // prevent any attempts to smuggle in command line switches
+ if (user[0] == '-') {
+ syslog(LOG_ERR, "rejecting suspicious username %s", user);
+ return HANDLER_INVALID_INVOCATION;
+ }
+
pwd = getpwnam(user);
if (pwd == NULL) {
syslog(LOG_ERR, "could not look up location of home directory "
--
2.34.1