httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@zyzzyva.com>
Subject Re: minor -Wall warning
Date Fri, 25 Apr 1997 02:57:28 GMT

As I have said before, I don't use the ~user expansion. Luckily, 
peer review catches this stuff.  Good comments. I was hoping we 
could have discussed this change over the past few days.



> What the heck?  Is anyone even using suexec??  In util_script.c:
> 
>         if (!strncmp("/~",r->uri,2)) {
>             r->uri += 2;
> !!!USE A LOCAL VARIABLE!!!
> 
>             if ((pw = getpwnam (getword_nc (r->pool, &r->uri, '/'))) == NULL)
{
>                 log_unixerr("getpwnam", NULL, "invalid username", r->server);
>                 return;
>             }
>             r->uri -= 2;
> !!!USE A LOCAL VARIABLE!!!
> 
>             if ((gr = getgrgid (pw->pw_gid)) == NULL) {
>                 if ((grpname = palloc (r->pool, 16)) == NULL)
>                     return;
>                 else
>                     ap_snprintf(grpname, sizeof(grpname), "%d\0", pw->pw_gid);
> 
> Try 16 instead of sizeof(grpname).  The \0 is also unnecessary.
> 
>             }
>             else
>                 grpname = gr->gr_name;
>             execuser = (char *) palloc (r->pool, (sizeof(pw->pw_name) + 1));
>             execuser = pstrcat (r->pool, "~", pw->pw_name, NULL);
> 
> If suexec really wants a "~" on the front, then only the latter is needed.
> 
>         }
>         else {
>             if ((pw = getpwuid (r->server->server_uid)) == NULL) {
>                 log_unixerr("getpwuid", NULL, "invalid userid", r->server);
>                 return;
>             }
>             if ((gr = getgrgid (r->server->server_gid)) == NULL) {
>                 log_unixerr("getgrgid", NULL, "invalid groupid", r->server);
>                 return;
>             }
>             execuser = (char *) palloc (r->pool, sizeof(pw->pw_name));
>             execuser = pw->pw_name;
>         }
> 
> As Dean already mentioned, the first execuser line above is bogus
> and needs to be replaced with
> 
>             grpname = gr->gr_name;
> 
> ....Roy




Mime
View raw message