d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gr_equal(): Fix a crash that could occur if the first group's member list

Browse Source 
was longer than the second's. There is no need to compute and compare the
member list lengths in a separate pass, since we now just return false when
comparing member names if the list lengths are not equal.

MFC after:	2 weeks
This commit is contained in:
Mark Johnston 2015-01-25 00:47:06 +00:00
parent b8797aec6f
commit f8c8839091
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=277669
1 changed files with 10 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
lib/libutil/gr_util.c
View File

@ -351,8 +351,6 @@ gr_fini(void)
int
gr_equal(const struct group *gr1, const struct group *gr2)
{
int gr1_ndx;
int gr2_ndx;
/* Check that the non-member information is the same. */
if (gr1->gr_name == NULL || gr2->gr_name == NULL) {
@ -368,7 +366,8 @@ gr_equal(const struct group *gr1, const struct group *gr2)
if (gr1->gr_gid != gr2->gr_gid)
return (false);
/* Check all members in both groups.
/*
* Check all members in both groups.
* getgrnam can return gr_mem with a pointer to NULL.
* gr_dup and gr_add strip out this superfluous NULL, setting
* gr_mem to NULL for no members.
@ -376,22 +375,18 @@ gr_equal(const struct group *gr1, const struct group *gr2)
if (gr1->gr_mem != NULL && gr2->gr_mem != NULL) {
int i;
for (i = 0; gr1->gr_mem[i] != NULL; i++) {
for (i = 0;
gr1->gr_mem[i] != NULL && gr2->gr_mem[i] != NULL; i++) {
if (strcmp(gr1->gr_mem[i], gr2->gr_mem[i]) != 0)
return (false);
}
}
/* Count number of members in both structs */
gr2_ndx = 0;
if (gr2->gr_mem != NULL)
for(; gr2->gr_mem[gr2_ndx] != NULL; gr2_ndx++)
/* empty */;
gr1_ndx = 0;
if (gr1->gr_mem != NULL)
for(; gr1->gr_mem[gr1_ndx] != NULL; gr1_ndx++)
/* empty */;
if (gr1_ndx != gr2_ndx)
if (gr1->gr_mem[i] != NULL || gr2->gr_mem[i] != NULL)
return (false);
} else if (gr1->gr_mem != NULL && gr1->gr_mem[0] != NULL) {
return (false);
} else if (gr2->gr_mem != NULL && gr2->gr_mem[0] != NULL) {
return (false);
}
return (true);
}