Skip to content

L
lxc
Unverified Commit 2dce415b by Donghwa Jeong
Options

fix getpwnam() thread safe issue

Signed-off-by: 's avatarDonghwa Jeong <dh48.jeong@samsung.com>
parent c6d0d3cb
Showing with 51 additions and 11 deletions
src/lxc/pam/pam_cgfs.c
...@@ -1520,14 +1520,32 @@ static void cg_escape(void) ...@@ -1520,14 +1520,32 @@ static void cg_escape(void)
/* Get uid and gid for @user. */ /* Get uid and gid for @user. */
static bool get_uid_gid(const char *user, uid_t *uid, gid_t *gid) static bool get_uid_gid(const char *user, uid_t *uid, gid_t *gid)
{ {
struct passwd *pwent; strcut passwd pwent;
struct passwd *pwentp = NULL;
char *buf;
size_t bufsize;
int ret;
bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
if (bufsize == -1)
bufsize = 1024;
buf = malloc(bufsize);
if (!buf)
return false;
ret = getpwnam_r(user, &pwent, buf, bufsize, &pwentp);
if (!pwentp) {
if (ret == 0)
mysyslog(LOG_ERR, "Could not find matched password record.\n", NULL);
pwent = getpwnam(user); free(buf);
if (!pwent)
return false; return false;
}
*uid = pwent->pw_uid; *uid = pwent.pw_uid;
*gid = pwent->pw_gid; *gid = pwent.pw_gid;
free(buf);
return true; return true;
} }
......
src/lxc/tools/lxc_unshare.c
...@@ -82,29 +82,51 @@ static void usage(char *cmd) ...@@ -82,29 +82,51 @@ static void usage(char *cmd)
static bool lookup_user(const char *optarg, uid_t *uid) static bool lookup_user(const char *optarg, uid_t *uid)
{ {
char name[TOOL_MAXPATHLEN]; char name[TOOL_MAXPATHLEN];
struct passwd *pwent = NULL; struct passwd pwent;
struct passwd *pwentp = NULL;
char *buf;
size_t bufsize;
int ret;
if (!optarg || (optarg[0] == '\0')) if (!optarg || (optarg[0] == '\0'))
return false; return false;
bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
if (bufsize == -1)
bufsize = 1024;
buf = malloc(bufsize);
if (!buf)
return false;
if (sscanf(optarg, "%u", uid) < 1) { if (sscanf(optarg, "%u", uid) < 1) {
/* not a uid -- perhaps a username */ /* not a uid -- perhaps a username */
if (sscanf(optarg, "%s", name) < 1) if (sscanf(optarg, "%s", name) < 1)
return false; return false;
pwent = getpwnam(name); ret = getpwnam_r(name, &pwent, buf, bufsize, &pwentp);
if (!pwent) { if (!pwentp) {
if (ret == 0)
fprintf(stderr, "could not find matched password record\n");
fprintf(stderr, "invalid username %s\n", name); fprintf(stderr, "invalid username %s\n", name);
free(buf);
return false; return false;
} }
*uid = pwent->pw_uid; *uid = pwent.pw_uid;
} else { } else {
pwent = getpwuid(*uid); ret = getpwuid_r(*uid, &pwent, buf, bufsize, &pwentp);
if (!pwent) { if (!pwentp) {
if (ret == 0)
fprintf(stderr, "could not find matched password record\n");
fprintf(stderr, "invalid uid %u\n", *uid); fprintf(stderr, "invalid uid %u\n", *uid);
free(buf);
return false; return false;
} }
} }
free(buf);
return true; return true;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment