diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2019-12-03 17:45:03 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2019-12-03 17:45:03 +0000 |
| commit | d9070c63de87ffc4a7eda61c0cc59fb506aa153c (patch) | |
| tree | 713def20d015ef08b7cc97b94fd3958e76712fc5 /usr.sbin | |
| parent | f84a0a0ffcf5d5663d4c0945671d43b14cc5048b (diff) | |
don't crash with *NULL if user does not exist
from discussion with jsg
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/radiusd/radiusd_bsdauth.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/usr.sbin/radiusd/radiusd_bsdauth.c b/usr.sbin/radiusd/radiusd_bsdauth.c index 7237cf1d735..be68a89cb4f 100644 --- a/usr.sbin/radiusd/radiusd_bsdauth.c +++ b/usr.sbin/radiusd/radiusd_bsdauth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: radiusd_bsdauth.c,v 1.12 2019/04/01 11:05:41 yasuoka Exp $ */ +/* $OpenBSD: radiusd_bsdauth.c,v 1.13 2019/12/03 17:45:02 deraadt Exp $ */ /* * Copyright (c) 2015 YASUOKA Masahiko <yasuoka@yasuoka.net> @@ -190,22 +190,24 @@ main(int argc, char *argv[]) group[args->grouplen - 1] = '\0'; pw = getpwnam(user); + if (pw == NULL) + goto invalid; if (getgrnam_r(group, &gr0, g_buf, sizeof(g_buf), &gr) == -1 || gr == NULL) - goto group_done; + goto invalid; if (gr->gr_gid == pw->pw_gid) { group_ok = true; - goto group_done; + goto invalid; } for (i = 0; gr->gr_mem[i] != NULL; i++) { if (strcmp(gr->gr_mem[i], pw->pw_name) == 0) { group_ok = true; - goto group_done; + goto invalid; } } -group_done: +invalid: endgrent(); imsg_compose(&ibuf, (group_ok) |