NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: bin/40994 (usermod -l change password so user is unable to login)
The following reply was made to PR bin/40994; it has been noted by GNATS.
From: Michael van Elst <mlelstv%serpens.de@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc:
Subject: Re: bin/40994 (usermod -l change password so user is unable to
login)
Date: Wed, 11 Mar 2009 14:38:54 +0100
The bug comes from using the result of getpwnam() while calling
getpwnam() a second time (to check wether the new username already
exists).
This patch replaces the first call to getpwnam() with the
reentrant version and a private buffer.
---------------
Index: user.c
===================================================================
RCS file: /cvsroot/src/usr.sbin/user/user.c,v
retrieving revision 1.117
diff -u -r1.117 user.c
--- user.c 2 Nov 2006 21:42:08 -0000 1.117
+++ user.c 11 Mar 2009 13:20:09 -0000
@@ -1386,7 +1386,7 @@
static int
moduser(char *login_name, char *newlogin, user_t *up, int allow_samba)
{
- struct passwd *pwp;
+ struct passwd *pwp, pw;
struct group *grp;
const char *homedir;
char *locked_pwd;
@@ -1396,6 +1396,7 @@
FILE *master;
char newdir[MaxFileNameLen];
char buf[MaxEntryLen];
+ char pwbuf[MaxEntryLen];
char *colon;
int masterfd;
int ptmpfd;
@@ -1405,7 +1406,8 @@
errx(EXIT_FAILURE, "Can't modify user `%s': invalid login name",
login_name);
}
- if ((pwp = getpwnam(login_name)) == NULL) {
+ if (getpwnam_r(login_name, &pw, pwbuf, sizeof(pwbuf), &pwp) != 0
+ || pwp == NULL) {
errx(EXIT_FAILURE, "Can't modify user `%s': no such user",
login_name);
}
---------------
Greetings,
--
Michael van Elst
Internet: mlelstv%serpens.de@localhost
"A potential Snark may lurk in every tree."
Home |
Main Index |
Thread Index |
Old Index