src/vipw.c: Use string literals to initialize 'Prog'

This avoids using argv[0], which is controlled by the user, and might inject arbitrary text in stderr and the logs. Link: <https://github.com/shadow-maint/shadow/issues/959> Link: <https://github.com/shadow-maint/shadow/pull/960> Cc: "Skyler Ferrante (RIT Student)" <sjf5462@rit.edu> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Karel Zak <kzak@redhat.com> Cc: Iker Pedrosa <ipedrosa@redhat.com> Cc: Christian Brauner <christian@brauner.io> Cherry-picked-from: 89c4da43cbe8 ("src/vipw.c: Use string literals to initialize 'Prog'") Link: <https://github.com/shadow-maint/shadow/pull/962> Signed-off-by: Alejandro Colomar <alx@kernel.org>
2026-01-26 22:12:26 +00:00 · 2024-03-07 23:38:48 +01:00 · 2024-03-07 23:38:48 +01:00 · 39192107a6
commit 39192107a6
parent 470d6be230
1 changed files with 5 additions and 5 deletions
--- a/src/vipw.c
+++ b/src/vipw.c
@ -52,7 +52,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char *Prog;

 static const char *filename, *fileeditname;
 static bool filelocked = false;
@ -472,7 +472,9 @@ int main (int argc, char **argv)
 	bool  editshadow = false;
 	bool  do_vigr;

-	Prog = Basename (argv[0]);
+	do_vigr = (strcmp(Basename(argv[0]), "vigr") == 0);
+
+	Prog = do_vigr ? "vigr" : "vipw";
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@ -482,9 +484,7 @@ int main (int argc, char **argv)

 	process_root_flag ("-R", argc, argv);

-	do_vigr = (strcmp(Prog, "vigr") == 0);
-
-	OPENLOG(do_vigr ? "vigr" : "vipw");
+	OPENLOG(Prog);

 	{
 		/*