From 3e0b33d1daabc885c6fb9a8f9efca307a724bc40 Mon Sep 17 00:00:00 2001 From: Andre Noll Date: Mon, 19 Jun 2023 21:24:29 +0200 Subject: [PATCH] string.c: Don't fall back to /tmp in para_homedir(). This can only lead to trouble. If we can't get the path to the home directory, something is deeply wrong and we really should abort. --- string.c | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/string.c b/string.c index 423fd296..d8bd027b 100644 --- a/string.c +++ b/string.c @@ -308,15 +308,32 @@ __must_check __malloc char *para_logname(void) } /** - * Get the home directory of the current user. + * Get the home directory of the calling user. * * \return A dynamically allocated string that must be freed by the caller. If - * the home directory could not be found, this function returns "/tmp". + * no entry is found which matches the UID of the calling process, or any other + * error occurs, the function prints an error message and aborts. + * + * \sa getpwuid(3), getuid(2). */ __must_check __malloc char *para_homedir(void) { - struct passwd *pw = getpwuid(getuid()); - return para_strdup(pw? pw->pw_dir : "/tmp"); + struct passwd *pw; + + /* + * To distinguish between the error case and the "not found" case we + * have to check errno after getpwuid(3). The manual page recommends to + * set it to zero before the call. + */ + errno = 0; + pw = getpwuid(getuid()); + if (pw) + return para_strdup(pw->pw_dir); + if (errno != 0) + PARA_EMERG_LOG("getpwuid error: %s\n", strerror(errno)); + else + PARA_EMERG_LOG("no pw entry for uid %u\n", (unsigned)getuid()); + exit(EXIT_FAILURE); } /** -- 2.39.5