libutil's logout doesn't clear utmp entries
Ata, John (US)
john.ata at baesystems.com
Mon Aug 17 20:29:20 UTC 2015
Hi,
The module logout() in libutil does not actually remove the utmp entry that it attempts to do. This is because it uses getutline() to read the utmp entry which is returned in utmp's internal static buffer. It then modifies the static entry directly and attempts to write it out with pututline(). However, pututline() reads the original entry before writing it into the internal static buffer (only one internal utmp buffer) so it then always writes the original unchanged record back out. One fix is to copy the static buffer into the temporary tmp stack variable (no longer needed) after reading but before writing. This has been tested and appears to work well.
+--- uclibc/libutil/logout.c 2012-05-15 03:20:09.000000000 -0400
++++ uclibc/libutil/logout.c 2015-08-14 16:59:06.625944541 -0400
+@@ -45,6 +45,10 @@
+ /* Read the record. */
+ if ((ut = getutline(&tmp)) != NULL)
+ {
++ /* We can't use the utmp static buffer on the rewrite so copy over */
++ memcpy(&tmp, ut, sizeof tmp);
++ ut = &tmp;
++
+ /* Clear information about who & from where. */
+ memset (ut->ut_name, 0, sizeof ut->ut_name);
+ #if _HAVE_UT_HOST - 0
------
John Ata
BAE Systems
STOP Software Development
More information about the uClibc
mailing list