musl: bugfix getspnam_r negative

Submitted by chenjie6@huawei.com on May 16, 2019, 2:31 a.m.

Details

Message ID 1557973864-126747-1-git-send-email-chenjie6@huawei.com
State New
Series "musl: bugfix getspnam_r negative"
Headers show

Commit Message

chenjie6@huawei.com May 16, 2019, 2:31 a.m.
From: chen jie <chenjie6@huawei.com>

The /etc/shadow contain:
sshd:*:11880:0:90:7:-1:-1:0
the *s can not ++; __parsespent will not keep going down

Signed-off-by: jie chen<chenjie6@huawei.com>
---
 src/passwd/getspnam_r.c | 8 ++++++++
 1 file changed, 8 insertions(+)

Patch hide | download patch | download mbox

diff --git a/src/passwd/getspnam_r.c b/src/passwd/getspnam_r.c
index 541e8531..1cb55bcd 100644
--- a/src/passwd/getspnam_r.c
+++ b/src/passwd/getspnam_r.c
@@ -15,8 +15,16 @@ 
 static long xatol(char **s)
 {
 	long x;
+	int sign;
+
 	if (**s == ':' || **s == '\n') return -1;
+
+	sign = (int)(unsigned char)**s;
+	if (sign == '-' || sign == '+') ++*s;
+
 	for (x=0; **s-'0'<10U; ++*s) x=10*x+(**s-'0');
+
+	if (sign == '-') return -x;
 	return x;
 }
 

Comments

Szabolcs Nagy May 16, 2019, 8:03 a.m.
* chenjie6@huawei.com <chenjie6@huawei.com> [2019-05-16 02:31:04 +0000]:
> From: chen jie <chenjie6@huawei.com>
> 
> The /etc/shadow contain:
> sshd:*:11880:0:90:7:-1:-1:0

note that it is not documented what -1 day means here.
http://man7.org/linux/man-pages/man5/shadow.5.html

glibc uses -1 internally to mark empty fields and parses
the field as signed int, so it happens to work, but you
may want to fix your /etc/shadow to match the specs.

> the *s can not ++; __parsespent will not keep going down
> 
> Signed-off-by: jie chen<chenjie6@huawei.com>
> ---
>  src/passwd/getspnam_r.c | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 
> diff --git a/src/passwd/getspnam_r.c b/src/passwd/getspnam_r.c
> index 541e8531..1cb55bcd 100644
> --- a/src/passwd/getspnam_r.c
> +++ b/src/passwd/getspnam_r.c
> @@ -15,8 +15,16 @@
>  static long xatol(char **s)
>  {
>  	long x;
> +	int sign;
> +
>  	if (**s == ':' || **s == '\n') return -1;
> +
> +	sign = (int)(unsigned char)**s;
> +	if (sign == '-' || sign == '+') ++*s;
> +
>  	for (x=0; **s-'0'<10U; ++*s) x=10*x+(**s-'0');
> +
> +	if (sign == '-') return -x;
>  	return x;
>  }
>  
> -- 
> 2.18.GIT