authorTodd C. Miller <millert@cvs.openbsd.org>2018-09-09 13:53:12 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>2018-09-09 13:53:12 +0000
commit11fb250ce7e304ccfc265ae5b7852f90e875c491 (patch)
treec1a1be489fefd3dc4f301214c22c543c2912c3a3 /usr.bin/rdistd
parentb2e8c6a3bf408af6f5b18cc9db8476bb6830c0e3 (diff)
Fix a crash in rdistd triggered by the recent getpw{ent,nam,uid}
changes. This stems from rdist stashing a pointer to the static area used by getpw{ent,nam,uid} and using it to avoid repeating passwd lookups when pw->pw_name matches the user to be looked up. This relied on undefined behavior, and with the recent passwd changes, is no longer possible as the old pointer will be invalidated. A better approach is to use the upcoming uid_from_user(3) functions. Found by and fix OK tim@
Diffstat (limited to 'usr.bin/rdistd')
-rw-r--r--usr.bin/rdistd/server.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/usr.bin/rdistd/server.c b/usr.bin/rdistd/server.c
index e86f764dad8..21f1d4145fb 100644
--- a/usr.bin/rdistd/server.c
+++ b/usr.bin/rdistd/server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: server.c,v 1.43 2017/08/30 07:43:52 otto Exp $ */
+/* $OpenBSD: server.c,v 1.44 2018/09/09 13:53:11 millert Exp $ */
/*
* Copyright (c) 1983 Regents of the University of California.
@@ -188,7 +188,9 @@ fchog(int fd, char *file, char *owner, char *group, int mode)
if (userid == 0) { /* running as root; take anything */
if (*owner == ':') {
uid = (uid_t) atoi(owner + 1);
- } else if (pw == NULL || strcmp(owner, pw->pw_name) != 0) {
+ } else if (strcmp(owner, locuser) != 0) {
+ struct passwd *pw;
+
if ((pw = getpwnam(owner)) == NULL) {
if (mode != -1 && IS_ON(mode, S_ISUID)) {
message(MT_NOTICE,
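Review bot: The new `strcmp(owner, locuser) != 0` test, together with `uid = userid; primegid = groupid;` in the next hunk, is correct only if locuser, userid and groupid all describe the same account. Neither hunk shows where they are set, or that locuser cannot be NULL at this point. Because this branch runs only when `userid == 0`, a locuser that named some other account would leave a matching file owned by uid 0 instead of by the requested owner, so the assumption deserves to be written down. I would add a comment above the test such as `/* locuser, userid and groupid all come from the same passwd entry looked up at startup */`, provided that is how they are initialised. fchog's body begins and ends outside both hunks, so the initialisation and any remaining wider-scope `pw` that the new local declaration might shadow should be checked in the full file.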
@@ -203,8 +205,8 @@ fchog(int fd, char *file, char *owner, char *group, int mode)
} else
uid = pw->pw_uid;
} else {
- uid = pw->pw_uid;
- primegid = pw->pw_gid;
+ uid = userid;
+ primegid = groupid;
}
if (*group == ':') {
gid = (gid_t)atoi(group + 1);