bug-hurd
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 1/1] Add missing null checks in libshouldbeinlibc


From: Justus Winter
Subject: Re: [PATCH 1/1] Add missing null checks in libshouldbeinlibc
Date: Mon, 05 Oct 2015 13:33:59 +0200
User-agent: alot/0.3.5

Merged, thanks!

Justus

Quoting James Clarke (2015-09-29 19:06:46)
> The getpwnam_r and similar functions only return non-zero on error, but not
> finding the given name/UID/GID does not count as an error. When they return 0,
> the value of the result (*result when looking at the arguments in the man 
> pages)
> still needs to be checked for null.
> 
> * libshouldbeinlibc/idvec-rep.c (lookup_uid): Check result for null.
> (lookup_gid): Likewise.
> * libshouldbeinlibc/idvec-verify.c (verify_passwd): Likewise.
> (verify_id): Likewise.
> ---
>  libshouldbeinlibc/idvec-rep.c    | 4 ++--
>  libshouldbeinlibc/idvec-verify.c | 7 ++++---
>  2 files changed, 6 insertions(+), 5 deletions(-)
> 
> diff --git a/libshouldbeinlibc/idvec-rep.c b/libshouldbeinlibc/idvec-rep.c
> index 16408a4..4fc7712 100644
> --- a/libshouldbeinlibc/idvec-rep.c
> +++ b/libshouldbeinlibc/idvec-rep.c
> @@ -129,7 +129,7 @@ lookup_uid (uid_t uid)
>  {
>    char buf[1024];
>    struct passwd _pw, *pw;
> -  if (getpwuid_r (uid, &_pw, buf, sizeof buf, &pw) == 0)
> +  if (getpwuid_r (uid, &_pw, buf, sizeof buf, &pw) == 0 && pw)
>      return strdup (pw->pw_name);
>    else
>      return 0;
> @@ -141,7 +141,7 @@ lookup_gid (gid_t gid)
>  {
>    char buf[1024];
>    struct group _gr, *gr;
> -  if (getgrgid_r (gid, &_gr, buf, sizeof buf, &gr) == 0)
> +  if (getgrgid_r (gid, &_gr, buf, sizeof buf, &gr) == 0 && gr)
>      return strdup (gr->gr_name);
>    else
>      return 0;
> diff --git a/libshouldbeinlibc/idvec-verify.c 
> b/libshouldbeinlibc/idvec-verify.c
> index 4d9b6db..4019a04 100644
> --- a/libshouldbeinlibc/idvec-verify.c
> +++ b/libshouldbeinlibc/idvec-verify.c
> @@ -107,7 +107,8 @@ verify_passwd (const char *password,
>           return pw->pw_passwd;
>         }
>  
> -      if (getpwuid_r (wheel_uid, &_pw, lookup_buf, sizeof lookup_buf, &pw))
> +      if (getpwuid_r (wheel_uid, &_pw, lookup_buf, sizeof lookup_buf, &pw)
> +         || ! pw)
>         return errno ?: EINVAL;
>  
>        sys_encrypted = check_shadow (pw);
> @@ -266,7 +267,7 @@ verify_id (uid_t id, int is_group, int multiple,
>           {
>             struct group _gr, *gr;
>             if (getgrgid_r (id, &_gr, id_lookup_buf, sizeof id_lookup_buf, 
> &gr)
> -               == 0)
> +               == 0 && gr)
>               {
>                 if (!gr->gr_passwd || !*gr->gr_passwd)
>                   return (*verify_fn) ("", id, 1, gr, verify_hook);
> @@ -278,7 +279,7 @@ verify_id (uid_t id, int is_group, int multiple,
>           {
>             struct passwd _pw, *pw;
>             if (getpwuid_r (id, &_pw, id_lookup_buf, sizeof id_lookup_buf, 
> &pw)
> -               == 0)
> +               == 0 && pw)
>               {
>                 if (strcmp (pw->pw_passwd, SHADOW_PASSWORD_STRING) == 0)
>                   {
> -- 
> 2.5.3
> 
> 

Attachment: signature.asc
Description: signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]