summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorwpaul <wpaul@FreeBSD.org>1995-03-18 05:03:10 +0000
committerwpaul <wpaul@FreeBSD.org>1995-03-18 05:03:10 +0000
commitaf3a4131b55bff6fc49423e96a198e8b2ab9dd97 (patch)
tree5d2d683c668960039fd58d8655206e7d2dae541a
parentfa0492e32baad11a81a035184623eeb8fba4d452 (diff)
downloadFreeBSD-src-af3a4131b55bff6fc49423e96a198e8b2ab9dd97.zip
FreeBSD-src-af3a4131b55bff6fc49423e96a198e8b2ab9dd97.tar.gz
Fix 'putting +: in /etc/group causes many programs to dump core' bug
by heading off possible null pointer dereferences in grscan(). Also change getgrnam() slightly to properly handle the change: if grscan() returns an rval of 1 and leaves a '+' in the gr_name field and YP is enabled, poll the YP group.byname map before giving up. This should insure that we make every effort to find a match in the local and YP group databases before bailing out.
-rw-r--r--lib/libc/gen/getgrent.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/lib/libc/gen/getgrent.c b/lib/libc/gen/getgrent.c
index 286796b..dfcabb0 100644
--- a/lib/libc/gen/getgrent.c
+++ b/lib/libc/gen/getgrent.c
@@ -93,7 +93,8 @@ getgrnam(name)
return(NULL);
rval = grscan(1, 0, name);
#ifdef YP
- if(!rval && _gr_yp_enabled < 0) {
+ if(!rval && (_gr_yp_enabled < 0 || (_gr_yp_enabled &&
+ _gr_group.gr_name[0] == '+'))) {
rval = _getypgroup(&_gr_group, name, "group.byname");
}
#endif
@@ -229,6 +230,15 @@ grscan(search, gid, name)
continue;
}
}
+#ifdef YP
+ /*
+ * XXX We need to be careful to avoid proceeding
+ * past this point under certain circumstances or
+ * we risk dereferencing null pointers down below.
+ */
+ if (!search && _gr_group.gr_name[0] == '+')
+ return(1);
+#endif /* YP */
_gr_group.gr_passwd = strsep(&bp, ":\n");
if (!(cp = strsep(&bp, ":\n")))
continue;
OpenPOWER on IntegriCloud