[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: idvec-verify...
From: |
Alfred M. Szmidt |
Subject: |
Re: idvec-verify... |
Date: |
Sat, 23 Oct 2004 22:23:54 +0200 |
> addauth with numeric IDs that are not in passwd/group/shadow
> should still work for root. Does it?
>
> For some value of works, yes. ids will segfault if you try to
> list effective/active ids in idvec-rep.c:loopkup_uid() since we
> try to access memory at NULL (line 133).
That means addauth is fine, and ids has a bug.
You mean that idvec-{verify,rep,anything-that-uses-get*_r}.c has a
bug.
> The idvec-verify.c functions still shouldn't cause a segfault,
> the same applies to idvec-rep.c and any other case that doesn't
> check what get*_r() returns.
Of course.
Will send a patch for it then.