mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-29 13:28:10 +00:00
Code Issues Releases Wiki Activity

Don't assume that getgrnam() calls don't modify contents of

Browse Source 
struct passwd returned by getpwnam().  On FreeBSD w/ NIS this
can happen.  Based on a patch from Kirk Webb.
This commit is contained in:
Todd C. Miller 2003-05-22 01:53:01 +00:00
parent 61e7453f8d
commit 40b63be2fc
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
parse.c
View File

@ -443,24 +443,26 @@ usergr_matches(group, user)
{
struct group *grp;
struct passwd *pw;
gid_t pw_gid;
char **cur;
/* make sure we have a valid usergroup, sudo style */
if (*group++ != '%')
return(FALSE);
/* look up user's primary gid in the passwd file (XXX - reduce lookups) */
if ((pw = getpwnam(user)) == NULL)
return(FALSE);
pw_gid = pw->pw_gid;
if ((grp = getgrnam(group)) == NULL)
return(FALSE);
/*
* Check against user's real gid as well as group's user list
*/
if ((pw = getpwnam(user)) == NULL)
return(FALSE);
if (grp->gr_gid == pw->pw_gid)
/* check against user's primary (passwd file) gid */
if (grp->gr_gid == pw_gid)
return(TRUE);
/* check to see if user is explicitly listed in the group */
for (cur = grp->gr_mem; *cur; cur++) {
if (strcmp(*cur, user) == 0)
return(TRUE);