bug-hurd
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

setauth segfaults when giving an inexistent username

From: Marc-Olivier Mercier
Subject: setauth segfaults when giving an inexistent username
Date: Thu, 13 Mar 2008 19:43:02 -0400
User-agent: Mozilla-Thunderbird 2.0.0.9 (X11/20080109) 
Hi all,
I tried to used setauth and it segfaults when I passed a wrong user name (or even a wrong group name). The problem is when the args are parsed. In libshouldbeinlibc/ugids-argp.c, the function getpwnam_r is used. It is assumed that getpwnam_r return non-zero if the user does not exist, which is false. There's nothing in the POSIX spec that tells that user name that doesn't exist should return an error. In fact, this is considered as a success. The only way to know for sure that a user doesn't exist is by looking if pwbufp is NULL. The same thing applies to the group and the getgrnam_r function.
I attached a patch, but i want to know what is supposed to be done when there's a real error return by getpwnam_r. 

Marc. O

Index: libshouldbeinlibc/ugids-argp.c
===================================================================
RCS file: /sources/hurd/hurd/libshouldbeinlibc/ugids-argp.c,v
retrieving revision 1.2
diff -u -p -r1.2 ugids-argp.c
--- libshouldbeinlibc/ugids-argp.c      11 Jul 1999 06:02:55 -0000      1.2
+++ libshouldbeinlibc/ugids-argp.c      13 Mar 2008 23:30:24 -0000
@@ -83,14 +83,22 @@ parse_opt (int key, char *arg, struct ar
       else
        {
          struct passwd _pw, *pw;
-         if (getpwnam_r (arg, &_pw, id_lookup_buf, sizeof id_lookup_buf, &pw)
-             == 0)
-           uid = pw->pw_uid;
+          int error;
+         error = getpwnam_r (arg, &_pw, id_lookup_buf, 
+                          sizeof id_lookup_buf, &pw);
+         if (error == 0)
+            {
+              /* Even if the username does not exist, getpwnam_r succeded */
+              if (pw == NULL)
+                {
+                 argp_failure (state, 10, 0, "%s: Unknown user", arg);
+                  return EINVAL;
+                }
+
+             uid = pw->pw_uid;
+            }
          else
-           {
-             argp_failure (state, 10, 0, "%s: Unknown user", arg);
-             return EINVAL;
-           }
+           return error;
        }
 
       if (key == ARGP_KEY_ARG || key == ARGP_KEY_END)
@@ -121,14 +129,20 @@ parse_opt (int key, char *arg, struct ar
       else
        {
          struct group _gr, *gr;
-         if (getgrnam_r (arg, &_gr, id_lookup_buf, sizeof id_lookup_buf, &gr)
-             == 0)
-           return ugids_add_gid (ugids, gr->gr_gid, key == 'G');
+          int error = getgrnam_r (arg, &_gr, id_lookup_buf, 
+                                  sizeof id_lookup_buf, &gr);
+         if (error == 0)
+            {
+              if (gr == NULL)
+                {
+                 argp_failure (state, 11, 0, "%s: Unknown group", arg);
+                 return EINVAL;
+                }
+
+             return ugids_add_gid (ugids, gr->gr_gid, key == 'G');
+            }
          else
-           {
-             argp_failure (state, 11, 0, "%s: Unknown group", arg);
-             return EINVAL;
-           }
+           return error;
        }
 
     default:
reply via email to
[Prev in Thread] Current Thread [Next in Thread]