add patch series

2 files changed, 77 insertions, 0 deletions

diff --git a/debian/patches/james-getpwnam0001-Add-missing-null-checks-in-libshouldbeinlibc.patch b/debian/patches/james-getpwnam0001-Add-missing-null-checks-in-libshouldbeinlibc.patch
new file mode 100644
index 00000000..a5fec07f
--- /dev/null
+++ b/debian/patches/james-getpwnam0001-Add-missing-null-checks-in-libshouldbeinlibc.patch
@@ -0,0 +1,76 @@
+From bf6d5e67e86a059c1ffbde425d0f3f05fd0a0717 Mon Sep 17 00:00:00 2001
+From: James Clarke <jrtc27@jrtc27.com>
+Date: Tue, 29 Sep 2015 18:06:46 +0100
+Subject: [PATCH hurd] Add missing null checks in libshouldbeinlibc
+
+The getpwnam_r and similar functions only return non-zero on error, but not
+finding the given name/UID/GID does not count as an error. When they return 0,
+the value of the result (*result when looking at the arguments in the man pages)
+still needs to be checked for null.
+
+* libshouldbeinlibc/idvec-rep.c (lookup_uid): Check result for null.
+(lookup_gid): Likewise.
+* libshouldbeinlibc/idvec-verify.c (verify_passwd): Likewise.
+(verify_id): Likewise.
+---
+ libshouldbeinlibc/idvec-rep.c    | 4 ++--
+ libshouldbeinlibc/idvec-verify.c | 7 ++++---
+ 2 files changed, 6 insertions(+), 5 deletions(-)
+
+diff --git a/libshouldbeinlibc/idvec-rep.c b/libshouldbeinlibc/idvec-rep.c
+index 16408a4..4fc7712 100644
+--- a/libshouldbeinlibc/idvec-rep.c
++++ b/libshouldbeinlibc/idvec-rep.c
+@@ -129,7 +129,7 @@ lookup_uid (uid_t uid)
+ {
+   char buf[1024];
+   struct passwd _pw, *pw;
+-  if (getpwuid_r (uid, &_pw, buf, sizeof buf, &pw) == 0)
++  if (getpwuid_r (uid, &_pw, buf, sizeof buf, &pw) == 0 && pw)
+     return strdup (pw->pw_name);
+   else
+     return 0;
+@@ -141,7 +141,7 @@ lookup_gid (gid_t gid)
+ {
+   char buf[1024];
+   struct group _gr, *gr;
+-  if (getgrgid_r (gid, &_gr, buf, sizeof buf, &gr) == 0)
++  if (getgrgid_r (gid, &_gr, buf, sizeof buf, &gr) == 0 && gr)
+     return strdup (gr->gr_name);
+   else
+     return 0;
+diff --git a/libshouldbeinlibc/idvec-verify.c b/libshouldbeinlibc/idvec-verify.c
+index 4d9b6db..4019a04 100644
+--- a/libshouldbeinlibc/idvec-verify.c
++++ b/libshouldbeinlibc/idvec-verify.c
+@@ -107,7 +107,8 @@ verify_passwd (const char *password,
+ 	  return pw->pw_passwd;
+ 	}
+ 
+-      if (getpwuid_r (wheel_uid, &_pw, lookup_buf, sizeof lookup_buf, &pw))
++      if (getpwuid_r (wheel_uid, &_pw, lookup_buf, sizeof lookup_buf, &pw)
++	  || ! pw)
+ 	return errno ?: EINVAL;
+ 
+       sys_encrypted = check_shadow (pw);
+@@ -266,7 +267,7 @@ verify_id (uid_t id, int is_group, int multiple,
+ 	  {
+ 	    struct group _gr, *gr;
+ 	    if (getgrgid_r (id, &_gr, id_lookup_buf, sizeof id_lookup_buf, &gr)
+-		== 0)
++		== 0 && gr)
+ 	      {
+ 		if (!gr->gr_passwd || !*gr->gr_passwd)
+ 		  return (*verify_fn) ("", id, 1, gr, verify_hook);
+@@ -278,7 +279,7 @@ verify_id (uid_t id, int is_group, int multiple,
+ 	  {
+ 	    struct passwd _pw, *pw;
+ 	    if (getpwuid_r (id, &_pw, id_lookup_buf, sizeof id_lookup_buf, &pw)
+-		== 0)
++		== 0 && pw)
+ 	      {
+ 		if (strcmp (pw->pw_passwd, SHADOW_PASSWORD_STRING) == 0)
+ 		  {
+-- 
+2.1.4
+
diff --git a/debian/patches/series b/debian/patches/series
index 68dfa6ca..e2553251 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -75,3 +75,4 @@ introspection0009-fixup_libports.patch
 introspection0010-fixup_libintrospection.patch
 introspection0011-fixup_libintrospection.patch
 introspection0012-fixup_libintrospection.patch
+james-getpwnam0001-Add-missing-null-checks-in-libshouldbeinlibc.patch