diff options
author | thomas <thomas@FreeBSD.org> | 2006-09-04 15:09:21 +0000 |
---|---|---|
committer | thomas <thomas@FreeBSD.org> | 2006-09-04 15:09:21 +0000 |
commit | 2bf8d53a14b0b38788407982e63e84cefabca4bd (patch) | |
tree | 62782ca016f1ee462f7063433eedf18a5d7bf951 /lib/libutil/pw_util.c | |
parent | f9af67a2ee416805cc0b514e37bc84f5e9e6f0b2 (diff) | |
download | FreeBSD-src-2bf8d53a14b0b38788407982e63e84cefabca4bd.zip FreeBSD-src-2bf8d53a14b0b38788407982e63e84cefabca4bd.tar.gz |
(pw_copy): Handle the case of a malformed line in master.passwd
(copy it silently, do not dereference NULL pointer).
PR: bin/102848
Reviewed by: security-officer (cperciva)
MFC after: 1 week
Diffstat (limited to 'lib/libutil/pw_util.c')
-rw-r--r-- | lib/libutil/pw_util.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/lib/libutil/pw_util.c b/lib/libutil/pw_util.c index 90c9d72..6d372c0 100644 --- a/lib/libutil/pw_util.c +++ b/lib/libutil/pw_util.c @@ -481,13 +481,22 @@ pw_copy(int ffd, int tfd, const struct passwd *pw, struct passwd *old_pw) } /* is it the one we're looking for? */ + t = *q; *q = '\0'; + fpw = pw_scan(r, PWSCAN_MASTER); + + /* + * fpw is either the struct password for the current line, + * or NULL if the line is malformed. + */ + *q = t; - if (strcmp(fpw->pw_name, pw->pw_name) != 0) { + if (fpw == NULL || strcmp(fpw->pw_name, pw->pw_name) != 0) { /* nope */ - free(fpw); + if (fpw != NULL) + free(fpw); if (write(tfd, p, q - p + 1) != q - p + 1) goto err; ++q; |