Date: Fri, 30 Nov 2012 18:25:05 -0500 From: Eitan Adler <lists@eitanadler.com> To: Nikos Vassiliadis <nvass@gmx.com> Cc: freebsd-bugs@freebsd.org, bug-followup@freebsd.org Subject: Re: bin/173977: pw(8) does not do range-checking on UIDs/GUIs from user's input, passwd DB becomes inconsistent Message-ID: <CAF6rxgnbi6jmG-Y0JKyp5tD2US5YTdoATSfq7MF9D6kEyZy%2BBg@mail.gmail.com> In-Reply-To: <201211281841.qASIfkx4033378@red.freebsd.org> References: <201211281841.qASIfkx4033378@red.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 28 November 2012 13:41, Nikos Vassiliadis <nvass@gmx.com> wrote: > Index: usr.sbin/pw/pw_group.c > =================================================================== > --- usr.sbin/pw/pw_group.c (revision 243652) > +++ usr.sbin/pw/pw_group.c (working copy) > @@ -350,6 +350,8 @@ > */ > if (a_gid != NULL) { > gid = (gid_t) atol(a_gid->val); atoi overflow is considered undefined behavior so the error can not be meaningfully be checked. In particular the compiler may assume the error will never occur and elide the check. Ideally this call is replaced with one of the stro* functions. > + if (errno == ERANGE || errno == EINVAL) > + errx(EX_DATAERR, "gid %s is invalid", a_gid->val); -- Eitan Adler
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAF6rxgnbi6jmG-Y0JKyp5tD2US5YTdoATSfq7MF9D6kEyZy%2BBg>