Subject: | getpwnam_r status checked incorrectly |
glibc's getpwnam_r returns success even if the user wasn't found, but
the result pointer is set to NULL. The Kerberos source assumes that
k5_getpwnam_r will fail if the user wasn't found and dereferences OUT
without any further checks. Use a technique similar to the other cases
and change the status to -1 if OUT is NULL.
A better approach may be to change the source to not assume success
means that OUT is non-NULL, since that appears to be all POSIX
guarantees. But this works.
the result pointer is set to NULL. The Kerberos source assumes that
k5_getpwnam_r will fail if the user wasn't found and dereferences OUT
without any further checks. Use a technique similar to the other cases
and change the status to -1 if OUT is NULL.
A better approach may be to change the source to not assume success
means that OUT is non-NULL, since that appears to be all POSIX
guarantees. But this works.
Message body not shown because it is not plain text.