Author: ian
Date: Sun Jul 22 22:34:20 2018
New Revision: 336619
URL: https://svnweb.freebsd.org/changeset/base/336619
Log:
Set the pw_class field to NULL when scanning the non-master passwd file.
This avoids a null pointer deref in pw_dup(), which assumes that all
pointers are either NULL or valid.
Modified:
head/lib/libc/gen/pw_scan.c
Modified: head/lib/libc/gen/pw_scan.c
==============================================================================
--- head/lib/libc/gen/pw_scan.c Sun Jul 22 21:39:27 2018 (r336618)
+++ head/lib/libc/gen/pw_scan.c Sun Jul 22 22:34:20 2018 (r336619)
@@ -170,7 +170,8 @@ __pw_scan(char *bp, struct passwd *pw, int flags)
if (p[0])
pw->pw_fields |= _PWF_EXPIRE;
pw->pw_expire = atol(p);
- }
+ } else
+ pw->pw_class = NULL;
if (!(pw->pw_gecos = strsep(&bp, ":"))) /* gecos */
goto fmt;
if (pw->pw_gecos[0])
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "[email protected]"
