utmp-wtmp: don't try to read past end of string

systemd-199/src/shared/utmp-wtmp.c:228: buffer_size_warning: Calling strncpy with a maximum size argument of 32 bytes on destination array "store.ut_line" of size 32 bytes might leave the destination string unterminated. The destination string is unterminated on purpose, but we must remember that.
2026-02-05 01:54:37 +00:00 · 2013-03-28 23:19:19 -04:00 · 2013-03-28 23:19:19 -04:00 · 2688887653
commit 2688887653
parent c8c9c69f39
1 changed files with 3 additions and 1 deletions
--- a/src/shared/utmp-wtmp.c
+++ b/src/shared/utmp-wtmp.c
@ -403,10 +403,12 @@ int utmp_wall(const char *message, bool (*match_tty)(const char *tty)) {
                if (u->ut_type != USER_PROCESS || u->ut_user[0] == 0)
                        continue;

+                /* this access is fine, because strlen("/dev/") << 32 (UT_LINESIZE) */
                if (path_startswith(u->ut_line, "/dev/"))
                        path = u->ut_line;
                else {
-                        if (asprintf(&buf, "/dev/%s", u->ut_line) < 0) {
+                        if (asprintf(&buf, "/dev/%.*s",
+                                     sizeof(u->ut_line), u->ut_line) < 0) {
                                r = -ENOMEM;
                                goto finish;
                        }