apr-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From traw...@apache.org
Subject cvs commit: apr/user/unix userinfo.c
Date Fri, 20 Jul 2001 13:35:27 GMT
trawick     01/07/20 06:35:27

  Modified:    .        CHANGES
               user/unix userinfo.c
  Log:
  getpwnam_safe() must be provided with the struct passwd and char
  buffer to provide to getpwnam_r()... otherwise, the struct passwd
  and the data pointed to by it (e.g., pw_name) are no longer valid
  storage when getpwnam_safe() returns
  
  Revision  Changes    Path
  1.123     +3 -1      apr/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/apr/CHANGES,v
  retrieving revision 1.122
  retrieving revision 1.123
  diff -u -r1.122 -r1.123
  --- CHANGES	2001/07/20 12:36:13	1.122
  +++ CHANGES	2001/07/20 13:35:27	1.123
  @@ -1,6 +1,8 @@
   Changes with APR b1  
   
  -  *) Use getpwnam_r() and getgrgid_r() instead of getpwnam() and getgrgid()
  +  *) Fix a possible data corruption problem with the use of getpwnam_r() on 
  +     all platforms where that function is used.
  +     Use getpwnam_r() and getgrgid_r() instead of getpwnam() and getgrgid()
        with threaded builds on glibc (2.1, at least) to avoid thread safety
        issues.  [Jeff Trawick]
   
  
  
  
  1.14      +26 -18    apr/user/unix/userinfo.c
  
  Index: userinfo.c
  ===================================================================
  RCS file: /home/cvs/apr/user/unix/userinfo.c,v
  retrieving revision 1.13
  retrieving revision 1.14
  diff -u -r1.13 -r1.14
  --- userinfo.c	2001/07/20 12:36:13	1.13
  +++ userinfo.c	2001/07/20 13:35:27	1.14
  @@ -66,17 +66,22 @@
   #include <unistd.h> /* for _POSIX_THREAD_SAFE_FUNCTIONS */
   #endif
   
  +#define PWBUF_SIZE 512
  +
   static apr_status_t getpwnam_safe(const char *username,
  -                                  struct passwd **pw)
  +                                  struct passwd *pw,
  +                                  char pwbuf[PWBUF_SIZE])
   {
  +    struct passwd *pwptr;
   #if APR_HAS_THREADS && defined(_POSIX_THREAD_SAFE_FUNCTIONS) && defined(HAVE_GETPWNAM_R)
  -    struct passwd pwd;
  -    char pwbuf[512];
  -
  -    if (getpwnam_r(username, &pwd, pwbuf, sizeof(pwbuf), pw)) {
  +    if (!getpwnam_r(username, pw, pwbuf, PWBUF_SIZE, &pwptr)) {
  +        /* nothing extra to do on success */
   #else
  -    if ((*pw = getpwnam(username)) == NULL) {
  +    if ((pwptr = getpwnam(username)) != NULL) {
  +        memcpy(pw, pwptr, sizeof *pw);
   #endif
  +    }
  +    else {
           if (errno == 0) {
               /* this can happen with getpwnam() on FreeBSD 4.3 */
               return APR_EGENERAL;
  @@ -90,17 +95,18 @@
                                                    const char *username,
                                                    apr_pool_t *p)
   {
  -    struct passwd *pw;
  +    struct passwd pw;
  +    char pwbuf[PWBUF_SIZE];
       apr_status_t rv;
   
  -    if ((rv = getpwnam_safe(username, &pw)) != APR_SUCCESS)
  +    if ((rv = getpwnam_safe(username, &pw, pwbuf)) != APR_SUCCESS)
           return rv;
   
   #ifdef OS2
       /* Need to manually add user name for OS/2 */
  -    *dirname = apr_pstrcat(p, pw->pw_dir, pw->pw_name, NULL);
  +    *dirname = apr_pstrcat(p, pw.pw_dir, pw.pw_name, NULL);
   #else
  -    *dirname = apr_pstrdup(p, pw->pw_dir);
  +    *dirname = apr_pstrdup(p, pw.pw_dir);
   #endif
       return APR_SUCCESS;
   }
  @@ -108,14 +114,15 @@
   APR_DECLARE(apr_status_t) apr_get_userid(apr_uid_t *uid, apr_gid_t *gid,
                                            const char *username, apr_pool_t *p)
   {
  -    struct passwd *pw;
  +    struct passwd pw;
  +    char pwbuf[PWBUF_SIZE];
       apr_status_t rv;
           
  -    if ((rv = getpwnam_safe(username, &pw)) != APR_SUCCESS)
  +    if ((rv = getpwnam_safe(username, &pw, pwbuf)) != APR_SUCCESS)
           return rv;
   
  -    *uid = pw->pw_uid;
  -    *gid = pw->pw_gid;
  +    *uid = pw.pw_uid;
  +    *gid = pw.pw_gid;
   
       return APR_SUCCESS;
   }
  @@ -125,7 +132,7 @@
       struct passwd *pw;
   #if APR_HAS_THREADS && defined(_POSIX_THREAD_SAFE_FUNCTIONS) && defined(HAVE_GETPWUID_R)
       struct passwd pwd;
  -    char pwbuf[512];
  +    char pwbuf[PWBUF_SIZE];
   
       if (getpwuid_r(userid, &pwd, pwbuf, sizeof(pwbuf), &pw)) {
   #else
  @@ -140,16 +147,17 @@
   APR_DECLARE(apr_status_t) apr_get_user_passwd(char **passwd,
                                            const char *username, apr_pool_t *p)
   {
  -    struct passwd *pw;
  +    struct passwd pw;
  +    char pwbuf[PWBUF_SIZE];
       apr_status_t rv;
           
  -    if ((rv = getpwnam_safe(username, &pw)) != APR_SUCCESS)
  +    if ((rv = getpwnam_safe(username, &pw, pwbuf)) != APR_SUCCESS)
           return rv;
   
   #if defined(__MVS__) /* silly hack, but this function will be replaced soon anyway */
       *passwd = "x"; /* same as many Linux (and Solaris and more) boxes these days */
   #else
  -    *passwd = apr_pstrdup(p, pw->pw_passwd);
  +    *passwd = apr_pstrdup(p, pw.pw_passwd);
   #endif
   
       return APR_SUCCESS;
  
  
  

Mime
View raw message