CXX.GETLOGIN

Do not use getlogin in multithreaded applications

User accounts can be obtained without locking in a multithreaded environment. In this case, another thread can read the user account. The getlogin() function returns the username associated with the thread called. When used in a multithreaded environment, the returned username can be changed by another thread, resulting in inaccurate values.

Vulnerability and risk

In a multithreaded context, using the getlogin() function will return a potentially incorrect value.

Mitigation and prevention

To prevent this, use the getlogin_r() function.

Vulnerable code example 1

Copy

1
2
3
4
5
6
7
8
9
10
11
12
13
14
int isTrustedGroup(int);

int loginproc()
{
        struct passwd *pwd = getpwnam(getlogin());
        if (isTrustedGroup(pwd->pw_gid))
        {
                return 1; // allow
        }
        else
        {
                return 0; // deny
        }
}

In the above example, the getlogin() function is used to get the account information and grant permission. In a multithreaded environment, getloin() can change its return value by another thread. Therefore, granting authorization based on the return value of this function can be a security risk.