[PATCH 1/1] Add missing null checks in libshouldbeinlibc

bug-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 1/1] Add missing null checks in libshouldbeinlibc

From:	James Clarke
Subject:	[PATCH 1/1] Add missing null checks in libshouldbeinlibc
Date:	Tue, 29 Sep 2015 18:06:46 +0100

The getpwnam_r and similar functions only return non-zero on error, but not
finding the given name/UID/GID does not count as an error. When they return 0,
the value of the result (*result when looking at the arguments in the man pages)
still needs to be checked for null.

* libshouldbeinlibc/idvec-rep.c (lookup_uid): Check result for null.
(lookup_gid): Likewise.
* libshouldbeinlibc/idvec-verify.c (verify_passwd): Likewise.
(verify_id): Likewise.
---
 libshouldbeinlibc/idvec-rep.c    | 4 ++--
 libshouldbeinlibc/idvec-verify.c | 7 ++++---
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/libshouldbeinlibc/idvec-rep.c b/libshouldbeinlibc/idvec-rep.c
index 16408a4..4fc7712 100644
--- a/libshouldbeinlibc/idvec-rep.c
+++ b/libshouldbeinlibc/idvec-rep.c
@@ -129,7 +129,7 @@ lookup_uid (uid_t uid)
 {
   char buf[1024];
   struct passwd _pw, *pw;
-  if (getpwuid_r (uid, &_pw, buf, sizeof buf, &pw) == 0)
+  if (getpwuid_r (uid, &_pw, buf, sizeof buf, &pw) == 0 && pw)
     return strdup (pw->pw_name);
   else
     return 0;
@@ -141,7 +141,7 @@ lookup_gid (gid_t gid)
 {
   char buf[1024];
   struct group _gr, *gr;
-  if (getgrgid_r (gid, &_gr, buf, sizeof buf, &gr) == 0)
+  if (getgrgid_r (gid, &_gr, buf, sizeof buf, &gr) == 0 && gr)
     return strdup (gr->gr_name);
   else
     return 0;
diff --git a/libshouldbeinlibc/idvec-verify.c b/libshouldbeinlibc/idvec-verify.c
index 4d9b6db..4019a04 100644
--- a/libshouldbeinlibc/idvec-verify.c
+++ b/libshouldbeinlibc/idvec-verify.c
@@ -107,7 +107,8 @@ verify_passwd (const char *password,
          return pw->pw_passwd;
        }
 
-      if (getpwuid_r (wheel_uid, &_pw, lookup_buf, sizeof lookup_buf, &pw))
+      if (getpwuid_r (wheel_uid, &_pw, lookup_buf, sizeof lookup_buf, &pw)
+         || ! pw)
        return errno ?: EINVAL;
 
       sys_encrypted = check_shadow (pw);
@@ -266,7 +267,7 @@ verify_id (uid_t id, int is_group, int multiple,
          {
            struct group _gr, *gr;
            if (getgrgid_r (id, &_gr, id_lookup_buf, sizeof id_lookup_buf, &gr)
-               == 0)
+               == 0 && gr)
              {
                if (!gr->gr_passwd || !*gr->gr_passwd)
                  return (*verify_fn) ("", id, 1, gr, verify_hook);
@@ -278,7 +279,7 @@ verify_id (uid_t id, int is_group, int multiple,
          {
            struct passwd _pw, *pw;
            if (getpwuid_r (id, &_pw, id_lookup_buf, sizeof id_lookup_buf, &pw)
-               == 0)
+               == 0 && pw)
              {
                if (strcmp (pw->pw_passwd, SHADOW_PASSWORD_STRING) == 0)
                  {
-- 
2.5.3

[Prev in Thread]

Current Thread

[Next in Thread]

Hurd Login Utility, James Clarke, 2015/10/04
- Re: Hurd Login Utility, James Clarke, 2015/10/08
  - [PATCH 0/1] Add missing null checks in libshouldbeinlibc, James Clarke, 2015/10/08
  - [PATCH 1/1] Add missing null checks in libshouldbeinlibc, James Clarke <=
    - Re: [PATCH 1/1] Add missing null checks in libshouldbeinlibc, Justus Winter, 2015/10/08

Prev by Date: [PATCH 0/1] Add missing null checks in libshouldbeinlibc
Next by Date: Re: Shortest path to significant improvement in hardware support
Previous by thread: [PATCH 0/1] Add missing null checks in libshouldbeinlibc
Next by thread: Re: [PATCH 1/1] Add missing null checks in libshouldbeinlibc
Index(es):
- Date
- Thread