Date: Sun, 22 Jul 2018 22:34:20 +0000 (UTC) From: Ian Lepore <ian@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r336619 - head/lib/libc/gen Message-ID: <201807222234.w6MMYKpn030237@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ian Date: Sun Jul 22 22:34:20 2018 New Revision: 336619 URL: https://svnweb.freebsd.org/changeset/base/336619 Log: Set the pw_class field to NULL when scanning the non-master passwd file. This avoids a null pointer deref in pw_dup(), which assumes that all pointers are either NULL or valid. Modified: head/lib/libc/gen/pw_scan.c Modified: head/lib/libc/gen/pw_scan.c ============================================================================== --- head/lib/libc/gen/pw_scan.c Sun Jul 22 21:39:27 2018 (r336618) +++ head/lib/libc/gen/pw_scan.c Sun Jul 22 22:34:20 2018 (r336619) @@ -170,7 +170,8 @@ __pw_scan(char *bp, struct passwd *pw, int flags) if (p[0]) pw->pw_fields |= _PWF_EXPIRE; pw->pw_expire = atol(p); - } + } else + pw->pw_class = NULL; if (!(pw->pw_gecos = strsep(&bp, ":"))) /* gecos */ goto fmt; if (pw->pw_gecos[0])
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201807222234.w6MMYKpn030237>