Merged, thanks! Justus
Quoting James Clarke (2015-09-29 19:06:46) > The getpwnam_r and similar functions only return non-zero on error, but not > finding the given name/UID/GID does not count as an error. When they return 0, > the value of the result (*result when looking at the arguments in the man > pages) > still needs to be checked for null. > > * libshouldbeinlibc/idvec-rep.c (lookup_uid): Check result for null. > (lookup_gid): Likewise. > * libshouldbeinlibc/idvec-verify.c (verify_passwd): Likewise. > (verify_id): Likewise. > --- > libshouldbeinlibc/idvec-rep.c | 4 ++-- > libshouldbeinlibc/idvec-verify.c | 7 ++++--- > 2 files changed, 6 insertions(+), 5 deletions(-) > > diff --git a/libshouldbeinlibc/idvec-rep.c b/libshouldbeinlibc/idvec-rep.c > index 16408a4..4fc7712 100644 > --- a/libshouldbeinlibc/idvec-rep.c > +++ b/libshouldbeinlibc/idvec-rep.c > @@ -129,7 +129,7 @@ lookup_uid (uid_t uid) > { > char buf[1024]; > struct passwd _pw, *pw; > - if (getpwuid_r (uid, &_pw, buf, sizeof buf, &pw) == 0) > + if (getpwuid_r (uid, &_pw, buf, sizeof buf, &pw) == 0 && pw) > return strdup (pw->pw_name); > else > return 0; > @@ -141,7 +141,7 @@ lookup_gid (gid_t gid) > { > char buf[1024]; > struct group _gr, *gr; > - if (getgrgid_r (gid, &_gr, buf, sizeof buf, &gr) == 0) > + if (getgrgid_r (gid, &_gr, buf, sizeof buf, &gr) == 0 && gr) > return strdup (gr->gr_name); > else > return 0; > diff --git a/libshouldbeinlibc/idvec-verify.c > b/libshouldbeinlibc/idvec-verify.c > index 4d9b6db..4019a04 100644 > --- a/libshouldbeinlibc/idvec-verify.c > +++ b/libshouldbeinlibc/idvec-verify.c > @@ -107,7 +107,8 @@ verify_passwd (const char *password, > return pw->pw_passwd; > } > > - if (getpwuid_r (wheel_uid, &_pw, lookup_buf, sizeof lookup_buf, &pw)) > + if (getpwuid_r (wheel_uid, &_pw, lookup_buf, sizeof lookup_buf, &pw) > + || ! pw) > return errno ?: EINVAL; > > sys_encrypted = check_shadow (pw); > @@ -266,7 +267,7 @@ verify_id (uid_t id, int is_group, int multiple, > { > struct group _gr, *gr; > if (getgrgid_r (id, &_gr, id_lookup_buf, sizeof id_lookup_buf, > &gr) > - == 0) > + == 0 && gr) > { > if (!gr->gr_passwd || !*gr->gr_passwd) > return (*verify_fn) ("", id, 1, gr, verify_hook); > @@ -278,7 +279,7 @@ verify_id (uid_t id, int is_group, int multiple, > { > struct passwd _pw, *pw; > if (getpwuid_r (id, &_pw, id_lookup_buf, sizeof id_lookup_buf, > &pw) > - == 0) > + == 0 && pw) > { > if (strcmp (pw->pw_passwd, SHADOW_PASSWORD_STRING) == 0) > { > -- > 2.5.3 > >
signature.asc
Description: signature