]> git.michaelhowe.org Git - packages/o/openafs.git/commitdiff
projects / packages / o / openafs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a7d4fbd)
pam: Check for null upwd from getpwnam_r
authorAndrew Deason <adeason@sinenomine.net>
Wed, 13 Apr 2011 16:10:52 +0000 (11:10 -0500)
committerDerrick Brashear <shadow@dementia.org>
Fri, 15 Apr 2011 17:13:01 +0000 (10:13 -0700)
The POSIX getpwnam_r can yield a NULL struct passwd pointer even when
the returned error code is 0 (in particular, when the requested entry
is not found). Just add a check for a null upwd to make sure we don't
dereference a NULL pointer.

Change-Id: I00e8d6c53e8228f468c984010695b798f5dcf999
Reviewed-on: http://gerrit.openafs.org/4469
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
src/pam/afs_auth.c patch | blob | history
src/pam/afs_password.c patch | blob | history
src/pam/afs_setcred.c patch | blob | history

diff --git a/src/pam/afs_auth.c b/src/pam/afs_auth.c
index 0b8eec69f216fd7c9148a26865ecb0fd187bd61b..0fff2fdc901441e5fc0710bf12b03d6baa4d3f97 100644 (file)
--- a/src/pam/afs_auth.c
+++ b/src/pam/afs_auth.c
@@ -179,7 +179,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
     if (i == 0)                        /* getpwnam_r success */
        upwd = &unix_pwd;
 #endif /* else AFS_HPUX110_ENV */
-    if (ignore_uid && i == 0 && upwd->pw_uid <= ignore_uid_id) {
+    if (ignore_uid && i == 0 && upwd && upwd->pw_uid <= ignore_uid_id) {
        pam_afs_syslog(LOG_INFO, PAMAFS_IGNORINGROOT, user);
        RET(PAM_AUTH_ERR);
     }
diff --git a/src/pam/afs_password.c b/src/pam/afs_password.c
index 1350164fa2ac21a54fcceebe7d1349eaa2d1ea70..a315d2e6673687ebfbf2c0347022307955890b6f 100644 (file)
--- a/src/pam/afs_password.c
+++ b/src/pam/afs_password.c
@@ -123,7 +123,7 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
     if (i == 0)                        /* getpwnam_r success */
        upwd = &unix_pwd;
 #endif /* else AFS_HPUX110_ENV */
-    if (ignore_root && i == 0 && upwd->pw_uid == 0) {
+    if (ignore_root && i == 0 && upwd && upwd->pw_uid == 0) {
        pam_afs_syslog(LOG_INFO, PAMAFS_IGNORINGROOT, user);
        RET(PAM_AUTH_ERR);
     }
diff --git a/src/pam/afs_setcred.c b/src/pam/afs_setcred.c
index 286b262d2f141315d57a78b3f693d89ba3f70dda..88062c66ecdf4425f039388f50b3e1ad0efe6a60 100644 (file)
--- a/src/pam/afs_setcred.c
+++ b/src/pam/afs_setcred.c
@@ -158,7 +158,7 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
     if (i == 0)                        /* getpwnam_r success */
        upwd = &unix_pwd;
 #endif /* AFS_HPUX110_ENV */
-    if (ignore_uid && i == 0 && upwd->pw_uid <= ignore_uid_id) {
+    if (ignore_uid && i == 0 && upwd && upwd->pw_uid <= ignore_uid_id) {
        pam_afs_syslog(LOG_INFO, PAMAFS_IGNORINGROOT, user);
        RET(PAM_AUTH_ERR);
     }