[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: bugs in idvec-verify.c, almost...

From: Marcus Brinkmann
Subject: Re: bugs in idvec-verify.c, almost...
Date: Sat, 6 Sep 2003 15:06:19 +0200
User-agent: Mutt/1.5.4i

On Sat, Sep 06, 2003 at 10:56:09AM +0200, Alfred M. Szmidt wrote:
> there are two or possibly three small bugs in idvec-verify.c that
> use--or abuse--the functions getpwuid_r() and getspnam_r().  It mostly
> concerns the fact that they don't return (nor does any other NSS
> related function AFAIK) anything useful, that is they always return
> 0), nor do they set errno.  So this could apply to _any_ function that
> is based on the getXXbyYY_r.c (same thing for getXXbyYY.c?) file in
> libc, I haven't checked this yet--and I don't want to since that code
> is quite similar to /dev/random.  I also want to double check the code
> in idvec-verify.c is correct (or wrong) before moving this to
> libc-alpha, since it could apply to any system that uses the GNU C
> Library.

The glibc manual says these function can return an error, so we should check
for one.  But we should also check for NULL return values, it seems.  The
POSIX specification is not very clearly worded, but it seems that not
finding an entry is also a "successful" operation (no error value is defined
for an unsuccesful lookup if it failed  because the user does not exist).
> For example, in idvec-verify.c (around line 280), we have the
> following,
>  if (getpwuid_r (id, &_pw, id_lookup_buf, sizeof id_lookup_buf, &pw)
>      == 0)

That code is ugly anyway, we should do function calls outside of if
conditions.  So this could be cleaned up along with the semantic fix.

You might enter this in the Savannah bug database (please get someone to
verify that the bug exists first, or test it yourself), and then someone
(you?) can work on a fix.


`Rhubarb is no Egyptian god.' GNU      http://www.gnu.org    marcus@gnu.org
Marcus Brinkmann              The Hurd http://www.gnu.org/software/hurd/

reply via email to

[Prev in Thread] Current Thread [Next in Thread]