From bf6d5e67e86a059c1ffbde425d0f3f05fd0a0717 Mon Sep 17 00:00:00 2001
From: James Clarke <jrtc27@jrtc27.com>
Date: Tue, 29 Sep 2015 18:06:46 +0100
Subject: Add missing null checks in libshouldbeinlibc

The getpwnam_r and similar functions only return non-zero on error, but not
finding the given name/UID/GID does not count as an error. When they return 0,
the value of the result (*result when looking at the arguments in the man pages)
still needs to be checked for null.

* libshouldbeinlibc/idvec-rep.c (lookup_uid): Check result for null.
(lookup_gid): Likewise.
* libshouldbeinlibc/idvec-verify.c (verify_passwd): Likewise.
(verify_id): Likewise.
---
 libshouldbeinlibc/idvec-rep.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'libshouldbeinlibc/idvec-rep.c')

diff --git a/libshouldbeinlibc/idvec-rep.c b/libshouldbeinlibc/idvec-rep.c
index 16408a4d..4fc7712d 100644
--- a/libshouldbeinlibc/idvec-rep.c
+++ b/libshouldbeinlibc/idvec-rep.c
@@ -129,7 +129,7 @@ lookup_uid (uid_t uid)
 {
   char buf[1024];
   struct passwd _pw, *pw;
-  if (getpwuid_r (uid, &_pw, buf, sizeof buf, &pw) == 0)
+  if (getpwuid_r (uid, &_pw, buf, sizeof buf, &pw) == 0 && pw)
     return strdup (pw->pw_name);
   else
     return 0;
@@ -141,7 +141,7 @@ lookup_gid (gid_t gid)
 {
   char buf[1024];
   struct group _gr, *gr;
-  if (getgrgid_r (gid, &_gr, buf, sizeof buf, &gr) == 0)
+  if (getgrgid_r (gid, &_gr, buf, sizeof buf, &gr) == 0 && gr)
     return strdup (gr->gr_name);
   else
     return 0;
-- 
cgit v1.2.3