Do not dereference a null pointer for a malformed line in master.passwd.
authorPeter Avalos <pavalos@theshell.com>
Sun, 28 Dec 2008 06:25:56 +0000 (01:25 -0500)
committerPeter Avalos <pavalos@theshell.com>
Sat, 3 Jan 2009 16:47:23 +0000 (11:47 -0500)
Instead, just copy it silently to prevent programs from bailing.  While
I'm here, remove some (void) casts.

Obtained-from: FreeBSD

lib/libutil/Makefile
lib/libutil/libutil.h
lib/libutil/pw_util.c

index e7c8695..b919c04 100644 (file)
@@ -4,7 +4,6 @@
 
 LIB=   util
 SHLIB_MAJOR= 4
-CFLAGS+=-I${.CURDIR} -I${.CURDIR}/../../sys
 CFLAGS+=-DINET6
 CFLAGS+=-D_CTYPE_H_DISABLE_MACROS_ 
 SRCS=  flopen.c login.c login_tty.c logout.c logwtmp.c pty.c \
@@ -15,6 +14,8 @@ SRCS= flopen.c login.c login_tty.c logout.c logwtmp.c pty.c \
 INCS=  libutil.h login_cap.h
 WARNS?=        2
 
+CFLAGS+= -I${.CURDIR} -I${.CURDIR}/../libc/gen/
+
 MAN+=  flopen.3 login.3 login_auth.3 login_tty.3 logout.3 logwtmp.3 pty.3 \
        login_cap.3 login_class.3 login_times.3 login_ok.3 \
        _secure_path.3 uucplock.3 property.3 auth.3 realhostname.3 \
index 12eeed9..f90a60d 100644 (file)
@@ -121,6 +121,10 @@ __END_DECLS
 #define        FPARSELN_UNESCREST      0x08
 #define        FPARSELN_UNESCALL       0x0f
 
+/* pw_scan() */
+#define PWSCAN_MASTER          0x01
+#define PWSCAN_WARN            0x02
+
 /* humanize_number(3) */ 
 #define HN_DECIMAL             0x01 
 #define HN_NOSPACE             0x02 
index a7ac6ef..532e799 100644 (file)
@@ -33,7 +33,8 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $FreeBSD: src/lib/libutil/pw_util.c,v 1.35 2004/05/18 15:53:58 stefanf Exp $
+ * @(#)pw_util.c       8.3 (Berkeley) 4/2/94
+ * $FreeBSD: src/lib/libutil/pw_util.c,v 1.38 2007/01/09 01:02:05 imp Exp $
  * $DragonFly: src/lib/libutil/pw_util.c,v 1.2 2007/12/30 13:44:33 matthias Exp $
  */
 
@@ -309,8 +310,8 @@ pw_edit(int notsetuid)
                sigaction(SIGQUIT, &sa_quit, NULL);
                sigprocmask(SIG_SETMASK, &oldsigset, NULL);
                if (notsetuid) {
-                       (void)setgid(getgid());
-                       (void)setuid(getuid());
+                       setgid(getgid());
+                       setuid(getuid());
                }
                errno = 0;
                execlp(editor, basename(editor), tempname, (char *)NULL);
@@ -472,13 +473,22 @@ pw_copy(int ffd, int tfd, const struct passwd *pw, struct passwd *old_pw)
                }
 
                /* is it the one we're looking for? */
+
                t = *q;
                *q = '\0';
-               fpw = pw_scan(r, _PWSCAN_MASTER);
+
+               fpw = pw_scan(r, PWSCAN_MASTER);
+
+               /*
+                * fpw is either the struct passwd for the current line,
+                * or NULL if the line is malformed.
+                */
+
                *q = t;
-               if (strcmp(fpw->pw_name, pw->pw_name) != 0) {
+               if (fpw == NULL || strcmp(fpw->pw_name, pw->pw_name) != 0) {
                        /* nope */
-                       free(fpw);
+                       if (fpw != NULL)
+                               free(fpw);
                        if (write(tfd, p, q - p + 1) != q - p + 1)
                                goto err;
                        ++q;
@@ -584,6 +594,8 @@ pw_dup(const struct passwd *pw)
        return (npw);
 }
 
+#include "pw_scan.h"
+
 /*
  * Wrapper around an internal libc function
  */