httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roy T. Fielding" <field...@kiwi.ICS.UCI.EDU>
Subject Re: minor -Wall warning
Date Fri, 25 Apr 1997 01:28:01 GMT
What the heck?  Is anyone even using suexec??  In util_script.c:

        if (!strncmp("/~",r->uri,2)) {
            r->uri += 2;
!!!USE A LOCAL VARIABLE!!!

            if ((pw = getpwnam (getword_nc (r->pool, &r->uri, '/'))) == NULL) {
                log_unixerr("getpwnam", NULL, "invalid username", r->server);
                return;
            }
            r->uri -= 2;
!!!USE A LOCAL VARIABLE!!!

            if ((gr = getgrgid (pw->pw_gid)) == NULL) {
                if ((grpname = palloc (r->pool, 16)) == NULL)
                    return;
                else
                    ap_snprintf(grpname, sizeof(grpname), "%d\0", pw->pw_gid);

Try 16 instead of sizeof(grpname).  The \0 is also unnecessary.

            }
            else
                grpname = gr->gr_name;
            execuser = (char *) palloc (r->pool, (sizeof(pw->pw_name) + 1));
            execuser = pstrcat (r->pool, "~", pw->pw_name, NULL);

If suexec really wants a "~" on the front, then only the latter is needed.

        }
        else {
            if ((pw = getpwuid (r->server->server_uid)) == NULL) {
                log_unixerr("getpwuid", NULL, "invalid userid", r->server);
                return;
            }
            if ((gr = getgrgid (r->server->server_gid)) == NULL) {
                log_unixerr("getgrgid", NULL, "invalid groupid", r->server);
                return;
            }
            execuser = (char *) palloc (r->pool, sizeof(pw->pw_name));
            execuser = pw->pw_name;
        }

As Dean already mentioned, the first execuser line above is bogus
and needs to be replaced with

            grpname = gr->gr_name;

....Roy

Mime
View raw message