CVSROOT: /cvs
Module name: src
Changes by: mill...@cvs.openbsd.org 2018/09/09 07:53:11
Modified files:
usr.bin/rdist : common.c defs.h expand.c
usr.bin/rdistd : server.c
Log message:
Fix a crash in rdistd triggered by the recent getpw{ent,nam,uid}
changes. This stems from rdist stashing a pointer to the static
area used by getpw{ent,nam,uid} and using it to avoid repeating
passwd lookups when pw->pw_name matches the user to be looked up.
This relied on undefined behavior, and with the recent passwd
changes, is no longer possible as the old pointer will be invalidated.
A better approach is to use the upcoming uid_from_user(3) functions.
Found by and fix OK tim@
