From: Andrew Deason <adeason@sinenomine.net>
Date: Wed, 13 Apr 2011 16:10:52 +0000 (-0500)
Subject: pam: Check for null upwd from getpwnam_r
X-Git-Tag: upstream/1.8.0_pre1^2~3860
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=fbb4c6115b9af9c52ee06fa9c979a3f4195ad342;p=packages%2Fo%2Fopenafs.git

pam: Check for null upwd from getpwnam_r

The POSIX getpwnam_r can yield a NULL struct passwd pointer even when
the returned error code is 0 (in particular, when the requested entry
is not found). Just add a check for a null upwd to make sure we don't
dereference a NULL pointer.

Change-Id: I00e8d6c53e8228f468c984010695b798f5dcf999
Reviewed-on: http://gerrit.openafs.org/4469
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
---

diff --git a/src/pam/afs_auth.c b/src/pam/afs_auth.c
index 0b8eec69f..0fff2fdc9 100644
--- a/src/pam/afs_auth.c
+++ b/src/pam/afs_auth.c
@@ -179,7 +179,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
     if (i == 0)			/* getpwnam_r success */
 	upwd = &unix_pwd;
 #endif /* else AFS_HPUX110_ENV */
-    if (ignore_uid && i == 0 && upwd->pw_uid <= ignore_uid_id) {
+    if (ignore_uid && i == 0 && upwd && upwd->pw_uid <= ignore_uid_id) {
 	pam_afs_syslog(LOG_INFO, PAMAFS_IGNORINGROOT, user);
 	RET(PAM_AUTH_ERR);
     }
diff --git a/src/pam/afs_password.c b/src/pam/afs_password.c
index 1350164fa..a315d2e66 100644
--- a/src/pam/afs_password.c
+++ b/src/pam/afs_password.c
@@ -123,7 +123,7 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
     if (i == 0)			/* getpwnam_r success */
 	upwd = &unix_pwd;
 #endif /* else AFS_HPUX110_ENV */
-    if (ignore_root && i == 0 && upwd->pw_uid == 0) {
+    if (ignore_root && i == 0 && upwd && upwd->pw_uid == 0) {
 	pam_afs_syslog(LOG_INFO, PAMAFS_IGNORINGROOT, user);
 	RET(PAM_AUTH_ERR);
     }
diff --git a/src/pam/afs_setcred.c b/src/pam/afs_setcred.c
index 286b262d2..88062c66e 100644
--- a/src/pam/afs_setcred.c
+++ b/src/pam/afs_setcred.c
@@ -158,7 +158,7 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
     if (i == 0)			/* getpwnam_r success */
 	upwd = &unix_pwd;
 #endif /* AFS_HPUX110_ENV */
-    if (ignore_uid && i == 0 && upwd->pw_uid <= ignore_uid_id) {
+    if (ignore_uid && i == 0 && upwd && upwd->pw_uid <= ignore_uid_id) {
 	pam_afs_syslog(LOG_INFO, PAMAFS_IGNORINGROOT, user);
 	RET(PAM_AUTH_ERR);
     }