svn commit: r277669 - head/lib/libutil

Sat, 24 Jan 2015 16:47:27 -0800 

Author: markj
Date: Sun Jan 25 00:47:06 2015
New Revision: 277669
URL: https://svnweb.freebsd.org/changeset/base/277669

Log:
  gr_equal(): Fix a crash that could occur if the first group's member list
  was longer than the second's. There is no need to compute and compare the
  member list lengths in a separate pass, since we now just return false when
  comparing member names if the list lengths are not equal.
  
  MFC after:    2 weeks

Modified:
  head/lib/libutil/gr_util.c

Modified: head/lib/libutil/gr_util.c
==============================================================================
--- head/lib/libutil/gr_util.c  Sun Jan 25 00:36:42 2015        (r277668)
+++ head/lib/libutil/gr_util.c  Sun Jan 25 00:47:06 2015        (r277669)
@@ -351,8 +351,6 @@ gr_fini(void)
 int
 gr_equal(const struct group *gr1, const struct group *gr2)
 {
-       int gr1_ndx;
-       int gr2_ndx;
 
        /* Check that the non-member information is the same. */
        if (gr1->gr_name == NULL || gr2->gr_name == NULL) {
@@ -368,7 +366,8 @@ gr_equal(const struct group *gr1, const 
        if (gr1->gr_gid != gr2->gr_gid)
                return (false);
 
-       /* Check all members in both groups.
+       /*
+        * Check all members in both groups.
         * getgrnam can return gr_mem with a pointer to NULL.
         * gr_dup and gr_add strip out this superfluous NULL, setting
         * gr_mem to NULL for no members.
@@ -376,22 +375,18 @@ gr_equal(const struct group *gr1, const 
        if (gr1->gr_mem != NULL && gr2->gr_mem != NULL) {
                int i;
 
-               for (i = 0; gr1->gr_mem[i] != NULL; i++) {
+               for (i = 0;
+                   gr1->gr_mem[i] != NULL && gr2->gr_mem[i] != NULL; i++) {
                        if (strcmp(gr1->gr_mem[i], gr2->gr_mem[i]) != 0)
                                return (false);
                }
-       }
-       /* Count number of members in both structs */
-       gr2_ndx = 0;
-       if (gr2->gr_mem != NULL)
-               for(; gr2->gr_mem[gr2_ndx] != NULL; gr2_ndx++)
-                       /* empty */;
-       gr1_ndx = 0;
-       if (gr1->gr_mem != NULL)
-               for(; gr1->gr_mem[gr1_ndx] != NULL; gr1_ndx++)
-                       /* empty */;
-       if (gr1_ndx != gr2_ndx)
+               if (gr1->gr_mem[i] != NULL || gr2->gr_mem[i] != NULL)
+                       return (false);
+       } else if (gr1->gr_mem != NULL && gr1->gr_mem[0] != NULL) {
                return (false);
+       } else if (gr2->gr_mem != NULL && gr2->gr_mem[0] != NULL) {
+               return (false);
+       }
 
        return (true);
 }
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to