Mercurial > illumos > illumos-gate
changeset 10386:935ab057bcbb
6831257 getgrnam_r() and getpwnam_r() should check for valid gid
author | Pradhap Devarajan <Pradhap.Devarajan@Sun.COM> |
---|---|
date | Thu, 27 Aug 2009 06:42:41 +0530 |
parents | 21cb6e67d108 |
children | 389b100ce3d8 |
files | usr/src/lib/libc/port/gen/getgrnam_r.c usr/src/lib/libc/port/gen/getpwnam_r.c |
diffstat | 2 files changed, 14 insertions(+), 6 deletions(-) [+] |
line wrap: on
line diff
--- a/usr/src/lib/libc/port/gen/getgrnam_r.c Wed Aug 26 12:54:24 2009 -0600 +++ b/usr/src/lib/libc/port/gen/getgrnam_r.c Thu Aug 27 06:42:41 2009 +0530 @@ -38,6 +38,7 @@ #include <synch.h> #include <sys/param.h> #include <sys/mman.h> +#include <errno.h> extern int _getgroupsbymember(const char *, gid_t[], int, int); int str2group(const char *, int, void *, char *, int); @@ -378,12 +379,14 @@ return (NSS_STR_PARSE_PARSE); } if (!black_magic) { + errno = 0; tmp = strtoul(p, &next, 10); - if (next == p) { + if (next == p || errno != 0) { /* gid field should be nonempty */ + /* also check errno from strtoul */ return (NSS_STR_PARSE_PARSE); } - if (group->gr_gid >= UINT32_MAX) + if (tmp >= UINT32_MAX) group->gr_gid = GID_NOBODY; else group->gr_gid = (gid_t)tmp;
--- a/usr/src/lib/libc/port/gen/getpwnam_r.c Wed Aug 26 12:54:24 2009 -0600 +++ b/usr/src/lib/libc/port/gen/getpwnam_r.c Thu Aug 27 06:42:41 2009 +0530 @@ -20,7 +20,7 @@ */ /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -34,6 +34,7 @@ #include <string.h> #include <stdlib.h> #include <sys/mman.h> +#include <errno.h> int str2passwd(const char *, int, void *, char *, int); @@ -316,9 +317,11 @@ * which is 4 bytes or else we will end up * truncating the value. */ + errno = 0; tmp = strtoul(p, &next, 10); - if (next == p) { + if (next == p || errno != 0) { /* uid field should be nonempty */ + /* also check errno from strtoul */ return (NSS_STR_PARSE_PARSE); } /* @@ -349,16 +352,18 @@ return (NSS_STR_PARSE_PARSE); } if (!black_magic) { + errno = 0; tmp = strtoul(p, &next, 10); - if (next == p) { + if (next == p || errno != 0) { /* gid field should be nonempty */ + /* also check errno from strtoul */ return (NSS_STR_PARSE_PARSE); } /* * gid should not be -1; anything else * is administrative policy. */ - if (passwd->pw_gid >= UINT32_MAX) + if (tmp >= UINT32_MAX) passwd->pw_gid = GID_NOBODY; else passwd->pw_gid = (gid_t)tmp;