From 0c83b981053b65c9bab4f1c2e60d004e920f8faf Mon Sep 17 00:00:00 2001
From: Samanta Navarro <ferivoz@riseup.net>
Date: Fri, 27 Jan 2023 11:53:57 +0000
Subject: [PATCH] Read whole line in yes_or_no

Do not stop after 79 characters. Read the complete line to avoid
arbitrary limitations.

Proof of Concept:

```
cat > passwd-poc << EOF
root:x:0:0:root:/root:/bin/bash
root:x:0:0:root:/root:/bin/bash
root:x:0:0:root:/root:/bin/bash
EOF
python -c "print(80*'y')" | pwck passwd-poc
```

Two lines should still be within the file because we agreed only once
to remove a duplicated line.

Signed-off-by: Samanta Navarro <ferivoz@riseup.net>
Reviewed-by: Alejandro Colomar <alx@kernel.org>
Reviewed-by: Serge Hallyn <serge@hallyn.com>
---
 libmisc/yesno.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/libmisc/yesno.c b/libmisc/yesno.c
index 1a1a3714..d8847e40 100644
--- a/libmisc/yesno.c
+++ b/libmisc/yesno.c
@@ -28,7 +28,8 @@
  */
 bool yes_or_no (bool read_only)
 {
-	char buf[80];
+	int c;
+	bool result;
 
 	/*
 	 * In read-only mode all questions are answered "no".
@@ -46,11 +47,13 @@ bool yes_or_no (bool read_only)
 	/*
 	 * Get a line and see what the first character is.
 	 */
+	c = fgetc(stdin);
 	/* TODO: use gettext */
-	if (fgets (buf, sizeof buf, stdin) == buf) {
-		return buf[0] == 'y' || buf[0] == 'Y';
-	}
+	result = (c == 'y' || c == 'Y');
 
-	return false;
+	while (c != '\n' && c != EOF)
+		c = fgetc(stdin);
+
+	return result;
 }