Skip Menu |

Subject: getpwnam_r status checked incorrectly
glibc's getpwnam_r returns success even if the user wasn't found, but
the result pointer is set to NULL. The Kerberos source assumes that
k5_getpwnam_r will fail if the user wasn't found and dereferences OUT
without any further checks. Use a technique similar to the other cases
and change the status to -1 if OUT is NULL.

A better approach may be to change the source to not assume success
means that OUT is non-NULL, since that appears to be all POSIX
guarantees. But this works.
Download getpwnam_r-status
application/octet-stream 1KiB

Message body not shown because it is not plain text.

From: Russ Allbery <>
Subject: CVS Commit
POSIX allows getpwnam_r and getpwuid_r to return 0 (success) even if the
username or UID could not be found, in which case OUT will be set to
NULL. Elsewhere, code assumes that if k5_getpwnam_r or k5_getpwuid_r
returns 0, OUT is non-NULL. Check whether OUT is NULL and adjust the
return value accordingly in the k5_getpw{nam,uid}_r wrappers.

Commit By: rra

Revision: 18121
Changed Files:
U trunk/src/include/k5-platform.h