D32993.id98570.diff
No OneTemporary
Actions

Size

2 KB

Referenced Files

None

Subscribers

None

D32993.id98570.diff
View Options

	diff --git a/usr.sbin/mountd/mountd.c b/usr.sbin/mountd/mountd.c
	--- a/usr.sbin/mountd/mountd.c
	+++ b/usr.sbin/mountd/mountd.c
	@@ -3537,6 +3537,8 @@
	struct group *gr;
	gid_t groups[NGROUPS_MAX + 1];
	int ngroups;
	+ unsigned long name_ul;
	+ char *end = NULL;

	/*
	* Set up the unprivileged user.
	@@ -3550,20 +3552,25 @@
	*/
	names = namelist;
	name = strsep_quote(&names, ":");
	- /* Bug? name could be NULL here */
	- if (isdigit(name) \|\| name == '-')
	- pw = getpwuid(atoi(name));
	- else
	+ if (name == NULL) {
	+ syslog(LOG_ERR, "invalid names: %s", names);
	+ return;
	+ }
	+ name_ul = strtoul(name, &end, 10);
	+ if (*end != '\0' \|\| end == name)
	pw = getpwnam(name);
	+ else
	+ pw = getpwuid((uid_t)name_ul);
	+ if (pw == NULL) {
	+ syslog(LOG_ERR, "unknown user: %s", name);
	+ return;
	+ }
	+ cr->cr_uid = pw->pw_uid;
	+ cr->cr_ngroups = 0;
	/*
	* Credentials specified as those of a user.
	*/
	if (names == NULL) {
	- if (pw == NULL) {
	- syslog(LOG_ERR, "unknown user: %s", name);
	- return;
	- }
	- cr->cr_uid = pw->pw_uid;
	ngroups = NGROUPS_MAX + 1;
	if (getgrouplist(pw->pw_name, pw->pw_gid, groups, &ngroups)) {
	syslog(LOG_ERR, "too many groups");
	@@ -3576,8 +3583,9 @@
	if (ngroups > 1 && groups[0] == groups[1]) {
	ngroups--;
	inpos = 2;
	- } else
	+ } else {
	inpos = 1;
	+ }
	if (ngroups > NGROUPS_MAX)
	ngroups = NGROUPS_MAX;
	if (ngroups > SMALLNGROUPS)
	@@ -3592,25 +3600,22 @@
	* Explicit credential specified as a colon separated list:
	* uid:gid:gid:...
	*/
	- if (pw != NULL)
	- cr->cr_uid = pw->pw_uid;
	- else if (isdigit(name) \|\| name == '-')
	- cr->cr_uid = atoi(name);
	- else {
	- syslog(LOG_ERR, "unknown user: %s", name);
	- return;
	- }
	- cr->cr_ngroups = 0;
	while (names != NULL && *names != '\0' && cr->cr_ngroups < NGROUPS_MAX) {
	name = strsep_quote(&names, ":");
	- if (isdigit(name) \|\| name == '-') {
	- groups[cr->cr_ngroups++] = atoi(name);
	- } else {
	+ if (name == NULL) {
	+ syslog(LOG_ERR, "invalid names: %s", names);
	+ return;
	+ }
	+ name_ul = strtoul(name, &end, 10);
	+ if (*end != '\0' \|\| end == name) {
	if ((gr = getgrnam(name)) == NULL) {
	syslog(LOG_ERR, "unknown group: %s", name);
	continue;
	+ } else {
	+ groups[cr->cr_ngroups++] = gr->gr_gid;
	}
	- groups[cr->cr_ngroups++] = gr->gr_gid;
	+ } else {
	+ groups[cr->cr_ngroups++] = name_ul;
	}
	}
	if (names != NULL && *names != '\0' && cr->cr_ngroups == NGROUPS_MAX)

File Metadata

Mime Type: text/plain
Expires: Tue, May 19, 12:15 AM (18 h, 3 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 33278929
Default Alt Text: D32993.id98570.diff (2 KB)

D32993.id98570.diffNo OneTemporaryActions

D32993.id98570.diffView Options

File Metadata

Event Timeline

D32993.id98570.diff
No OneTemporary
Actions

D32993.id98570.diff
View Options