[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: idvec-verify...
From: |
Roland McGrath |
Subject: |
Re: idvec-verify... |
Date: |
Sat, 23 Oct 2004 15:57:09 -0400 (EDT) |
> addauth with numeric IDs that are not in passwd/group/shadow should
> still work for root. Does it?
>
> For some value of works, yes. ids will segfault if you try to list
> effective/active ids in idvec-rep.c:loopkup_uid() since we try to
> access memory at NULL (line 133).
That means addauth is fine, and ids has a bug.
> The idvec-verify.c functions still shouldn't cause a segfault, the
> same applies to idvec-rep.c and any other case that doesn't check what
> get*_r() returns.
Of course.
> Maybe just fixing get*_r() to set a return value of != 0 if the
> structure it returns is NULL would be a better fix. What do you
> think?
No, that breaks the interface they have. There is nothing wrong with their
behavior now.