From cf4f1c7775f445987d8df1a4b4c4c7a12a0928e8 Mon Sep 17 00:00:00 2001 From: Simon Wilkinson Date: Wed, 27 Feb 2013 09:23:07 +0000 Subject: [PATCH] pt_util: Protect against corrupt input files If we have an input file which contains a group membership line (with a leading space) before any group definitions occur, pt_util would use stack garbage as the group to create these members in. Avoid this by requiring the presence of a group line before any membership lines. Caught by coverity (#92180, #986000, #92248) Reviewed-on: http://gerrit.openafs.org/9296 Tested-by: BuildBot Reviewed-by: Derrick Brashear Reviewed-by: Jeffrey Altman (cherry picked from commit 12ced70c95fe8efbcec09a372f0af81d819bb8cd) Change-Id: I1ad524ed701e78ebe5b2e990168782a75d69613b Reviewed-on: http://gerrit.openafs.org/11023 Reviewed-by: Chas Williams - CONTRACTOR Reviewed-by: Andrew Deason Tested-by: BuildBot Reviewed-by: Stephan Wiesand --- src/ptserver/pt_util.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/ptserver/pt_util.c b/src/ptserver/pt_util.c index ddbe22bde..213e5b1dd 100644 --- a/src/ptserver/pt_util.c +++ b/src/ptserver/pt_util.c @@ -246,6 +246,7 @@ CommandProc(struct cmd_syndesc *a_as, void *arock) while (fgets(buffer, sizeof(buffer), dfp)) { int oid, cid, quota, uid; + int seenGroup = 0; char name[PR_MAXNAMELEN], mem[PR_MAXNAMELEN]; if (isspace(*buffer)) { @@ -256,6 +257,13 @@ CommandProc(struct cmd_syndesc *a_as, void *arock) exit(1); } + if (!seenGroup) { + fprintf(stderr, + "Group member %s listed outside of group\n", + mem); + exit(1); + } + for (u = usr_head; u; u = u->next) if (u->uid && u->uid == uid) break; @@ -312,6 +320,8 @@ CommandProc(struct cmd_syndesc *a_as, void *arock) exit(1); } + seenGroup = 1; + if (FindByID(0, id)) code = PRIDEXIST; else -- 2.39.5