Hi Andrew, Andrew Fresh wrote on Thu, Mar 26, 2015 at 01:12:39PM -0700: > On Thu, Mar 26, 2015 at 03:42:07PM +0100, Ingo Schwarze wrote:
>> Hi Andrew (or any other developer), >> >> OK to commit the following fix? >> >> Note that chomping after splitting is important because split >> drops trailing empty fields. > A blank home_dir is valid? Certainly not in general, but it does occur in the "+:*:0:0:::" YP entry. > I will defer to others on that but seems surprising to me. In case we want security(8) to catch that, the right function to do so would be check_passwd(), not find_homes(). But i would consider that a separate matter. > Although I haven't had time to apply the patch and try it, the > implementation looks sane given that above is as expected. > > OK afresh1@ Thanks for checking! Ingo >> Index: security >> =================================================================== >> RCS file: /cvs/src/libexec/security/security,v >> retrieving revision 1.32 >> diff -u -p -r1.32 security >> --- security 4 Dec 2014 00:07:21 -0000 1.32 >> +++ security 26 Mar 2015 14:23:53 -0000 >> @@ -336,7 +336,16 @@ sub find_homes { >> nag !(open my $fh, '<', $filename), >> "open: $filename: $!" >> and return []; >> - my $homes = [ map [ @{[split /:/]}[0,2,5] ], <$fh> ]; >> + my $homes = []; >> + while (<$fh>) { >> + my $entry = [ @{[split /:/]}[0,2,5] ]; >> + chomp; >> + nag !defined $entry->[2], >> + "Incomplete line \"$_\" in $filename." >> + and next; >> + chomp $entry->[2]; >> + push @$homes, $entry; >> + } >> close $fh; >> return $homes; >> }