diff options
| author | Maxim Konovalov <maxim@FreeBSD.org> | 2006-07-14 17:45:33 +0000 |
|---|---|---|
| committer | Maxim Konovalov <maxim@FreeBSD.org> | 2006-07-14 17:45:33 +0000 |
| commit | 0ec15b18a28207b5a3e4348c2c58c69690773008 (patch) | |
| tree | 28e390affbaf7a466cac58349dfcec1d72d197f6 /lib | |
| parent | 2e5ea45f19cac1451b19938b1ef2336006e1d257 (diff) | |
| download | src-0ec15b18a28207b5a3e4348c2c58c69690773008.tar.gz src-0ec15b18a28207b5a3e4348c2c58c69690773008.zip | |
o compat_group() and files_group() are more complicated than I thought
in rev. 1.34. Mainly I missed the fact that the buffer is used for two
purposes:
1) storing a group line from the group file;
2) __gr_parse_entry() parses the buffer and tries to put the group
members to the remaining part of the buffer and can fail if there
is no enough room for them.
Re-arrange the buffer size checks to account the latter case.
Submitted by: Kirk R Webb
MFC after: 2 weeks
Notes
Notes:
svn path=/head/; revision=160355
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libc/gen/getgrent.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/lib/libc/gen/getgrent.c b/lib/libc/gen/getgrent.c index 511edddc0626..714433ebe4b9 100644 --- a/lib/libc/gen/getgrent.c +++ b/lib/libc/gen/getgrent.c @@ -770,18 +770,17 @@ files_group(void *retval, void *mdata, va_list ap) * pointer for the member list terminator. */ if (bufsize <= linesize + _ALIGNBYTES + sizeof(char *)) { - fseeko(st->fp, pos, SEEK_SET); *errnop = ERANGE; rv = NS_RETURN; break; } - pos = ftello(st->fp); memcpy(buffer, line, linesize); buffer[linesize] = '\0'; rv = __gr_parse_entry(buffer, linesize, grp, &buffer[linesize + 1], bufsize - linesize - 1, errnop); if (rv & NS_TERMINATE) break; + pos = ftello(st->fp); } if (!stayopen && st->fp != NULL) { fclose(st->fp); @@ -789,6 +788,8 @@ files_group(void *retval, void *mdata, va_list ap) } if (rv == NS_SUCCESS && retval != NULL) *(struct group **)retval = grp; + else if (*errnop == ERANGE) + fseeko(st->fp, pos, SEEK_SET); return (rv); } @@ -1322,18 +1323,17 @@ docompat: * pointer for the member list terminator. */ if (bufsize <= linesize + _ALIGNBYTES + sizeof(char *)) { - fseeko(st->fp, pos, SEEK_SET); *errnop = ERANGE; rv = NS_RETURN; break; } - pos = ftello(st->fp); memcpy(buffer, line, linesize); buffer[linesize] = '\0'; rv = __gr_parse_entry(buffer, linesize, grp, &buffer[linesize + 1], bufsize - linesize - 1, errnop); if (rv & NS_TERMINATE) break; + pos = ftello(st->fp); } fin: if (!stayopen && st->fp != NULL) { @@ -1342,6 +1342,8 @@ fin: } if (rv == NS_SUCCESS && retval != NULL) *(struct group **)retval = grp; + else if (*errnop == ERANGE) + fseeko(st->fp, pos, SEEK_SET); return (rv); #undef set_lookup_type } |