Mercurial > illumos > illumos-gate

changeset 10386:935ab057bcbb

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
6831257 getgrnam_r() and getpwnam_r() should check for valid gid
author Pradhap Devarajan <Pradhap.Devarajan@Sun.COM>
date Thu, 27 Aug 2009 06:42:41 +0530
parents 21cb6e67d108
children 389b100ce3d8
files usr/src/lib/libc/port/gen/getgrnam_r.c usr/src/lib/libc/port/gen/getpwnam_r.c
diffstat 2 files changed, 14 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/usr/src/lib/libc/port/gen/getgrnam_r.c	Wed Aug 26 12:54:24 2009 -0600
+++ b/usr/src/lib/libc/port/gen/getgrnam_r.c	Thu Aug 27 06:42:41 2009 +0530
@@ -38,6 +38,7 @@
 #include <synch.h>
 #include <sys/param.h>
 #include <sys/mman.h>
+#include <errno.h>
 
 extern int _getgroupsbymember(const char *, gid_t[], int, int);
 int str2group(const char *, int, void *, char *, int);
@@ -378,12 +379,14 @@
 			return (NSS_STR_PARSE_PARSE);
 	}
 	if (!black_magic) {
+		errno = 0;
 		tmp = strtoul(p, &next, 10);
-		if (next == p) {
+		if (next == p || errno != 0) {
 			/* gid field should be nonempty */
+			/* also check errno from strtoul */
 			return (NSS_STR_PARSE_PARSE);
 		}
-		if (group->gr_gid >= UINT32_MAX)
+		if (tmp >= UINT32_MAX)
 			group->gr_gid = GID_NOBODY;
 		else
 			group->gr_gid = (gid_t)tmp;
--- a/usr/src/lib/libc/port/gen/getpwnam_r.c	Wed Aug 26 12:54:24 2009 -0600
+++ b/usr/src/lib/libc/port/gen/getpwnam_r.c	Thu Aug 27 06:42:41 2009 +0530
@@ -20,7 +20,7 @@
  */
 
 /*
- * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -34,6 +34,7 @@
 #include <string.h>
 #include <stdlib.h>
 #include <sys/mman.h>
+#include <errno.h>
 
 int str2passwd(const char *, int, void *,
 	char *, int);
@@ -316,9 +317,11 @@
 		 * which is 4 bytes or else we will end up
 		 * truncating the value.
 		 */
+		errno = 0;
 		tmp = strtoul(p, &next, 10);
-		if (next == p) {
+		if (next == p || errno != 0) {
 			/* uid field should be nonempty */
+			/* also check errno from strtoul */
 			return (NSS_STR_PARSE_PARSE);
 		}
 		/*
@@ -349,16 +352,18 @@
 			return (NSS_STR_PARSE_PARSE);
 	}
 	if (!black_magic) {
+		errno = 0;
 		tmp = strtoul(p, &next, 10);
-		if (next == p) {
+		if (next == p || errno != 0) {
 			/* gid field should be nonempty */
+			/* also check errno from strtoul */
 			return (NSS_STR_PARSE_PARSE);
 		}
 		/*
 		 * gid should not be -1; anything else
 		 * is administrative policy.
 		 */
-		if (passwd->pw_gid >= UINT32_MAX)
+		if (tmp >= UINT32_MAX)
 			passwd->pw_gid = GID_NOBODY;
 		else
 			passwd->pw_gid = (gid_t)tmp;