jimzah/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src.git synced 2024-12-02 10:42:45 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Set the pw_class field to NULL when scanning the non-master passwd file.

Browse Source 
This avoids a null pointer deref in pw_dup(), which assumes that all
pointers are either NULL or valid.
This commit is contained in:
Ian Lepore 2018-07-22 22:34:20 +00:00
parent 75b9becc2c
commit cbc397fd10
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=336619
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/libc/gen/pw_scan.c
View File

@ -170,7 +170,8 @@ __pw_scan(char *bp, struct passwd *pw, int flags)
if (p[0])
pw->pw_fields |= _PWF_EXPIRE;
pw->pw_expire = atol(p);
}
} else
pw->pw_class = NULL;
if (!(pw->pw_gecos = strsep(&bp, ":"))) /* gecos */
goto fmt;
if (pw->pw_gecos[0])