From owner-freebsd-bugs  Sat Jan 11 20:10:03 1997
Return-Path: <owner-bugs>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.4/8.8.4) id UAA29729
          for bugs-outgoing; Sat, 11 Jan 1997 20:10:03 -0800 (PST)
Received: (from gnats@localhost)
          by freefall.freebsd.org (8.8.4/8.8.4) id UAA29723;
          Sat, 11 Jan 1997 20:10:01 -0800 (PST)
Date: Sat, 11 Jan 1997 20:10:01 -0800 (PST)
Message-Id: <199701120410.UAA29723@freefall.freebsd.org>
To: freebsd-bugs
Cc: 
From: Giles Lean <giles@nemeton.com.au>
Subject: Re: bin/1387: Group file errors cause absolute havoc
Reply-To: Giles Lean <giles@nemeton.com.au>
Sender: owner-bugs@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

The following reply was made to PR bin/1387; it has been noted by GNATS.

From: Giles Lean <giles@nemeton.com.au>
To: freebsd-gnats-submit@freebsd.org
Cc:  Subject: Re: bin/1387: Group file errors cause absolute havoc
Date: Sat, 11 Jan 1997 22:59:58 -0500

 --------------1CFBAE3959E2B60015FB7483
 Content-Type: text/plain; charset=us-ascii
 Content-Transfer-Encoding: 7bit
 
 This problem is due to getpwent() and friends bailing out on
 malformed lines instead of ignoring them.
 
 The following patch to the 2.2 candidate code causes malformed
 lines to be ignored.
 
 For reference the NetBSD code has the same changes made.
 
 A similar problem needs to be fixed in the dynamic buffer code
 in 3.0-current, but the 2.2 release is more urgent.
 
 -- 
 
 Giles Lean             <giles@nemeton.com.au>           +61 3 9480 2118
 Nemeton Pty. Ltd.                                   fax +61 3 9480 1771
 PGP Key fingerprint =  9F FB 28 37 81 F2 AC F3  8A B0 37 E5 73 CF 39 E7
 
 --------------1CFBAE3959E2B60015FB7483
 Content-Type: text/plain; charset=us-ascii; name="diff"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline; filename="diff"
 
 Index: getgrent.c
 ===================================================================
 RCS file: /a/FreeBSD/CVS/src/lib/libc/gen/getgrent.c,v
 retrieving revision 1.12.2.1
 diff -c -r1.12.2.1 getgrent.c
 *** getgrent.c	1996/12/31 17:42:28	1.12.2.1
 - --- getgrent.c	1997/01/11 09:59:20
 ***************
 *** 236,242 ****
   			continue;
   		}
   		if ((_gr_group.gr_name = strsep(&bp, ":\n")) == NULL)
 ! 			break;
   #ifdef YP
   		/*
   		 * XXX   We need to be careful to avoid proceeding
 --- 236,242 ----
   			continue;
   		}
   		if ((_gr_group.gr_name = strsep(&bp, ":\n")) == NULL)
 ! 			continue;
   #ifdef YP
   		/*
   		 * XXX   We need to be careful to avoid proceeding
 ***************
 *** 282,293 ****
   			if (_ypfound)
   				return(1);
   			else
 ! 				break;
   		if (strlen(cp) || !_ypfound)
   			_gr_group.gr_passwd = cp;
   #else
   		if ((_gr_group.gr_passwd = strsep(&bp, ":\n")) == NULL)
 ! 			break;
   #endif
   		if (!(cp = strsep(&bp, ":\n")))
   #ifdef YP
 --- 282,293 ----
   			if (_ypfound)
   				return(1);
   			else
 ! 				continue;
   		if (strlen(cp) || !_ypfound)
   			_gr_group.gr_passwd = cp;
   #else
   		if ((_gr_group.gr_passwd = strsep(&bp, ":\n")) == NULL)
 ! 			continue;
   #endif
   		if (!(cp = strsep(&bp, ":\n")))
   #ifdef YP
 ***************
 *** 308,314 ****
   			continue;
   		cp = NULL;
   		if (bp == NULL) /* !!! Must check for this! */
 ! 			break;
   #ifdef YP
   		if ((cp = strsep(&bp, ":\n")) == NULL)
   			break;
 --- 308,314 ----
   			continue;
   		cp = NULL;
   		if (bp == NULL) /* !!! Must check for this! */
 ! 			continue;
   #ifdef YP
   		if ((cp = strsep(&bp, ":\n")) == NULL)
   			break;
 
 --------------1CFBAE3959E2B60015FB7483--