jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-18 23:10:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

pt_util: Protect against corrupt input files

Browse Source 
If we have an input file which contains a group membership line
(with a leading space) before any group definitions occur, pt_util
would use stack garbage as the group to create these members in.

Avoid this by requiring the presence of a group line before any
membership lines.

Caught by coverity (#92180, #986000, #92248)

Change-Id: I536f089d67041dbf90f35b6dfeed5ba3303318a8
Reviewed-on: http://gerrit.openafs.org/9296
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
This commit is contained in:
Simon Wilkinson 2013-02-27 09:23:07 +00:00 committed by Jeffrey Altman
parent 62a10e063b
commit 12ced70c95
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/ptserver/pt_util.c
View File

@ -234,6 +234,7 @@ CommandProc(struct cmd_syndesc *a_as, void *arock)
while (fgets(buffer, sizeof(buffer), dfp)) { while (fgets(buffer, sizeof(buffer), dfp)) {
int id, oid, cid, flags, quota, uid; int id, oid, cid, flags, quota, uid;
int seenGroup = 0;
char name[PR_MAXNAMELEN], mem[PR_MAXNAMELEN]; char name[PR_MAXNAMELEN], mem[PR_MAXNAMELEN];
if (isspace(*buffer)) { if (isspace(*buffer)) {
@ -244,6 +245,13 @@ CommandProc(struct cmd_syndesc *a_as, void *arock)
exit(1); exit(1);
} }
if (!seenGroup) {
fprintf(stderr,
"Group member %s listed outside of group\n",
mem);
exit(1);
}
for (u = usr_head; u; u = u->next) for (u = usr_head; u; u = u->next)
if (u->uid && u->uid == uid) if (u->uid && u->uid == uid)
break; break;
@ -300,6 +308,8 @@ CommandProc(struct cmd_syndesc *a_as, void *arock)
exit(1); exit(1);
} }
seenGroup = 1;
if (FindByID(0, id)) if (FindByID(0, id))
code = PRIDEXIST; code = PRIDEXIST;
else else