CXX.GETLOGIN
Do not use getlogin in multithreaded applications
User accounts can be obtained without locking in a multithreaded environment. In this case, another thread can read the user account. The getlogin() function returns the username associated with the thread called. When used in a multithreaded environment, the returned username can be changed by another thread, resulting in inaccurate values.
Vulnerability and risk
In a multithreaded context, using the getlogin() function will return a potentially incorrect value.
Mitigation and prevention
To prevent this, use the getlogin_r() function.
Vulnerable code example 1
int isTrustedGroup(int);
int loginproc()
{
struct passwd *pwd = getpwnam(getlogin());
if (isTrustedGroup(pwd->pw_gid))
{
return 1; // allow
}
else
{
return 0; // deny
}
}
In the above example, the getlogin() function is used to get the account information and grant permission. In a multithreaded environment, getloin() can change its return value by another thread. Therefore, granting authorization based on the return value of this function can be a security risk.