blob: 8667a39120afe86c535ef667cda8b1e1d5ec4c8b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=547014
From: "Matthew A. Dunford" <mdunford@lbl.gov>
finger segfaults when it comes across a netgroup entry in /etc/passwd.
A netgroup entry doesn't include many of the fields in a normal passwd
entry, so pw->pw_gecos is set to NULL, which causes finger to core
dump.
Here is part of a /etc/passwd file with a netgroup entry:
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+@operator
This patch sidesteps what finger considers a malformed passwd entry:
--- a/finger/util.c 1999-09-29 08:53:58.000000000 +1000
+++ b/finger/util.c 2010-02-12 16:08:50.000000000 +1100
@@ -178,6 +180,8 @@ match(struct passwd *pw, const char *use
int i, j, ct, rv=0;
char *rname;
+ if (pw->pw_gecos == NULL) return 0;
+
strncpy(tbuf, pw->pw_gecos, TBUFLEN);
tbuf[TBUFLEN-1] = 0; /* guarantee null termination */
p = tbuf;
|
