summaryrefslogtreecommitdiff
path: root/libshouldbeinlibc/idvec-verify.c
diff options
context:
space:
mode:
authorJames Clarke <jrtc27@jrtc27.com>2015-09-29 18:06:46 +0100
committerJustus Winter <4winter@informatik.uni-hamburg.de>2015-10-05 13:09:16 +0200
commitbf6d5e67e86a059c1ffbde425d0f3f05fd0a0717 (patch)
tree3d5a1f0e64558b9d0b9f4e73905f9fdff53e0b8e /libshouldbeinlibc/idvec-verify.c
parent407237da61abdc0c82d91efab392d78b7e464fb4 (diff)
Add missing null checks in libshouldbeinlibc
The getpwnam_r and similar functions only return non-zero on error, but not finding the given name/UID/GID does not count as an error. When they return 0, the value of the result (*result when looking at the arguments in the man pages) still needs to be checked for null. * libshouldbeinlibc/idvec-rep.c (lookup_uid): Check result for null. (lookup_gid): Likewise. * libshouldbeinlibc/idvec-verify.c (verify_passwd): Likewise. (verify_id): Likewise.
Diffstat (limited to 'libshouldbeinlibc/idvec-verify.c')
-rw-r--r--libshouldbeinlibc/idvec-verify.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/libshouldbeinlibc/idvec-verify.c b/libshouldbeinlibc/idvec-verify.c
index 4d9b6dbe..4019a04b 100644
--- a/libshouldbeinlibc/idvec-verify.c
+++ b/libshouldbeinlibc/idvec-verify.c
@@ -107,7 +107,8 @@ verify_passwd (const char *password,
return pw->pw_passwd;
}
- if (getpwuid_r (wheel_uid, &_pw, lookup_buf, sizeof lookup_buf, &pw))
+ if (getpwuid_r (wheel_uid, &_pw, lookup_buf, sizeof lookup_buf, &pw)
+ || ! pw)
return errno ?: EINVAL;
sys_encrypted = check_shadow (pw);
@@ -266,7 +267,7 @@ verify_id (uid_t id, int is_group, int multiple,
{
struct group _gr, *gr;
if (getgrgid_r (id, &_gr, id_lookup_buf, sizeof id_lookup_buf, &gr)
- == 0)
+ == 0 && gr)
{
if (!gr->gr_passwd || !*gr->gr_passwd)
return (*verify_fn) ("", id, 1, gr, verify_hook);
@@ -278,7 +279,7 @@ verify_id (uid_t id, int is_group, int multiple,
{
struct passwd _pw, *pw;
if (getpwuid_r (id, &_pw, id_lookup_buf, sizeof id_lookup_buf, &pw)
- == 0)
+ == 0 && pw)
{
if (strcmp (pw->pw_passwd, SHADOW_PASSWORD_STRING) == 0)
{