From cbc397fd102fb399489ec0fd2f50e388f47fbcf3 Mon Sep 17 00:00:00 2001 From: Ian Lepore Date: Sun, 22 Jul 2018 22:34:20 +0000 Subject: [PATCH] Set the pw_class field to NULL when scanning the non-master passwd file. This avoids a null pointer deref in pw_dup(), which assumes that all pointers are either NULL or valid. --- lib/libc/gen/pw_scan.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/libc/gen/pw_scan.c b/lib/libc/gen/pw_scan.c index a7dbdf2cb5b9..01146e9111d1 100644 --- a/lib/libc/gen/pw_scan.c +++ b/lib/libc/gen/pw_scan.c @@ -170,7 +170,8 @@ __pw_scan(char *bp, struct passwd *pw, int flags) if (p[0]) pw->pw_fields |= _PWF_EXPIRE; pw->pw_expire = atol(p); - } + } else + pw->pw_class = NULL; if (!(pw->pw_gecos = strsep(&bp, ":"))) /* gecos */ goto fmt; if (pw->pw_gecos[0])