diff options
author | Damien Miller <djm@mindrot.org> | 2001-12-29 14:08:28 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2001-12-29 14:08:28 +1100 |
commit | 0dea79d6b6ea4699fa4dfd19b07adbff1d736d70 (patch) | |
tree | bcbaf8b74598f0b3752334f71aa194c48128d3b5 /openbsd-compat/bsd-cygwin_util.c | |
parent | 6cb127fc14a32667571f843a8de5d8cf0cf10e29 (diff) |
- (djm) Apply Cygwin pointer deref fix from Corinna Vinschen
<vinschen@redhat.com> Could be abused to guess valid usernames
Diffstat (limited to 'openbsd-compat/bsd-cygwin_util.c')
-rw-r--r-- | openbsd-compat/bsd-cygwin_util.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c index 6d6aafa4f..b12725773 100644 --- a/openbsd-compat/bsd-cygwin_util.c +++ b/openbsd-compat/bsd-cygwin_util.c | |||
@@ -15,7 +15,7 @@ | |||
15 | 15 | ||
16 | #include "includes.h" | 16 | #include "includes.h" |
17 | 17 | ||
18 | RCSID("$Id: bsd-cygwin_util.c,v 1.6 2001/11/27 01:19:44 tim Exp $"); | 18 | RCSID("$Id: bsd-cygwin_util.c,v 1.7 2001/12/29 03:08:30 djm Exp $"); |
19 | 19 | ||
20 | #ifdef HAVE_CYGWIN | 20 | #ifdef HAVE_CYGWIN |
21 | 21 | ||
@@ -58,7 +58,7 @@ int binary_pipe(int fd[2]) | |||
58 | return ret; | 58 | return ret; |
59 | } | 59 | } |
60 | 60 | ||
61 | int check_nt_auth(int pwd_authenticated, uid_t uid) | 61 | int check_nt_auth(int pwd_authenticated, struct passwd *pw) |
62 | { | 62 | { |
63 | /* | 63 | /* |
64 | * The only authentication which is able to change the user | 64 | * The only authentication which is able to change the user |
@@ -73,6 +73,8 @@ int check_nt_auth(int pwd_authenticated, uid_t uid) | |||
73 | */ | 73 | */ |
74 | static int has_create_token = -1; | 74 | static int has_create_token = -1; |
75 | 75 | ||
76 | if (pw == NULL) | ||
77 | return 0; | ||
76 | if (is_winnt) { | 78 | if (is_winnt) { |
77 | if (has_create_token < 0) { | 79 | if (has_create_token < 0) { |
78 | struct utsname uts; | 80 | struct utsname uts; |
@@ -90,7 +92,7 @@ int check_nt_auth(int pwd_authenticated, uid_t uid) | |||
90 | } | 92 | } |
91 | } | 93 | } |
92 | if (has_create_token < 1 && | 94 | if (has_create_token < 1 && |
93 | !pwd_authenticated && geteuid() != uid) | 95 | !pwd_authenticated && geteuid() != pw->pw_uid) |
94 | return 0; | 96 | return 0; |
95 | } | 97 | } |
96 | return 1; | 98 | return 1; |