diff options
| -rw-r--r-- | debian/patches/james-getpwnam0001-Add-missing-null-checks-in-libshouldbeinlibc.patch | 76 | ||||
| -rw-r--r-- | debian/patches/series | 1 |
2 files changed, 0 insertions, 77 deletions
diff --git a/debian/patches/james-getpwnam0001-Add-missing-null-checks-in-libshouldbeinlibc.patch b/debian/patches/james-getpwnam0001-Add-missing-null-checks-in-libshouldbeinlibc.patch deleted file mode 100644 index a5fec07f..00000000 --- a/debian/patches/james-getpwnam0001-Add-missing-null-checks-in-libshouldbeinlibc.patch +++ /dev/null @@ -1,76 +0,0 @@ -From bf6d5e67e86a059c1ffbde425d0f3f05fd0a0717 Mon Sep 17 00:00:00 2001 -From: James Clarke <jrtc27@jrtc27.com> -Date: Tue, 29 Sep 2015 18:06:46 +0100 -Subject: [PATCH hurd] Add missing null checks in libshouldbeinlibc - -The getpwnam_r and similar functions only return non-zero on error, but not -finding the given name/UID/GID does not count as an error. When they return 0, -the value of the result (*result when looking at the arguments in the man pages) -still needs to be checked for null. - -* libshouldbeinlibc/idvec-rep.c (lookup_uid): Check result for null. -(lookup_gid): Likewise. -* libshouldbeinlibc/idvec-verify.c (verify_passwd): Likewise. -(verify_id): Likewise. ---- - libshouldbeinlibc/idvec-rep.c | 4 ++-- - libshouldbeinlibc/idvec-verify.c | 7 ++++--- - 2 files changed, 6 insertions(+), 5 deletions(-) - -diff --git a/libshouldbeinlibc/idvec-rep.c b/libshouldbeinlibc/idvec-rep.c -index 16408a4..4fc7712 100644 ---- a/libshouldbeinlibc/idvec-rep.c -+++ b/libshouldbeinlibc/idvec-rep.c -@@ -129,7 +129,7 @@ lookup_uid (uid_t uid) - { - char buf[1024]; - struct passwd _pw, *pw; -- if (getpwuid_r (uid, &_pw, buf, sizeof buf, &pw) == 0) -+ if (getpwuid_r (uid, &_pw, buf, sizeof buf, &pw) == 0 && pw) - return strdup (pw->pw_name); - else - return 0; -@@ -141,7 +141,7 @@ lookup_gid (gid_t gid) - { - char buf[1024]; - struct group _gr, *gr; -- if (getgrgid_r (gid, &_gr, buf, sizeof buf, &gr) == 0) -+ if (getgrgid_r (gid, &_gr, buf, sizeof buf, &gr) == 0 && gr) - return strdup (gr->gr_name); - else - return 0; -diff --git a/libshouldbeinlibc/idvec-verify.c b/libshouldbeinlibc/idvec-verify.c -index 4d9b6db..4019a04 100644 ---- a/libshouldbeinlibc/idvec-verify.c -+++ b/libshouldbeinlibc/idvec-verify.c -@@ -107,7 +107,8 @@ verify_passwd (const char *password, - return pw->pw_passwd; - } - -- if (getpwuid_r (wheel_uid, &_pw, lookup_buf, sizeof lookup_buf, &pw)) -+ if (getpwuid_r (wheel_uid, &_pw, lookup_buf, sizeof lookup_buf, &pw) -+ || ! pw) - return errno ?: EINVAL; - - sys_encrypted = check_shadow (pw); -@@ -266,7 +267,7 @@ verify_id (uid_t id, int is_group, int multiple, - { - struct group _gr, *gr; - if (getgrgid_r (id, &_gr, id_lookup_buf, sizeof id_lookup_buf, &gr) -- == 0) -+ == 0 && gr) - { - if (!gr->gr_passwd || !*gr->gr_passwd) - return (*verify_fn) ("", id, 1, gr, verify_hook); -@@ -278,7 +279,7 @@ verify_id (uid_t id, int is_group, int multiple, - { - struct passwd _pw, *pw; - if (getpwuid_r (id, &_pw, id_lookup_buf, sizeof id_lookup_buf, &pw) -- == 0) -+ == 0 && pw) - { - if (strcmp (pw->pw_passwd, SHADOW_PASSWORD_STRING) == 0) - { --- -2.1.4 - diff --git a/debian/patches/series b/debian/patches/series index e2553251..68dfa6ca 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -75,4 +75,3 @@ introspection0009-fixup_libports.patch introspection0010-fixup_libintrospection.patch introspection0011-fixup_libintrospection.patch introspection0012-fixup_libintrospection.patch -james-getpwnam0001-Add-missing-null-checks-in-libshouldbeinlibc.patch |