* NEWS, src/newgrp.c: Fix segfault when an user returns to an

unknown GID (either the user was deleted during the user's newgrp session or the user's passwd entry referenced an invalid group). Add a syslog warning in that case. * src/newgrp.c: Add an end of line when reporting an invalid password.
2008-01-21 23:33:43 +00:00 · 2008-01-21 23:33:43 +00:00 · ae8cbbc34d
commit ae8cbbc34d
parent b082ebead2
3 changed files with 32 additions and 5 deletions
--- a/9
+++ b/9
@ -1,3 +1,12 @@
+2008-01-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newgrp.c: Fix segfault when an user returns to an
+	unknown GID (either the user was deleted during the user's newgrp
+	session or the user's passwd entry referenced an invalid group).
+	Add a syslog warning in that case.
+	* src/newgrp.c: Add an end of line when reporting an invalid
+	password.
+
 2008-01-12  Nicolas François  <nicolas.francois@centraliens.net>

 	* NEWS, src/useradd.c: Fix the handling of the --defaults option
--- a/4
+++ b/4
@ -26,6 +26,10 @@ shadow-4.1.0 -> shadow-4.1.1						UNRELEASED
 - lastlog
  * Accept users specified as a numerical UID, or ranges of users (-user,
    user-, user1-user2).
+- newgrp
+  * Fix segfault when an user returns to an unknown GID (either the user
+    was deleted during the user's newgrp session or the user's passwd
+    entry referenced an invalid group). Add a syslog warning in that case.
 - newusers
  * The new users are no more added to the list of members of their groups
    because the membership is already set by their primary group.
--- a/src/newgrp.c
+++ b/src/newgrp.c
@ -169,7 +169,7 @@ static void check_perms (const struct group *grp,
 				 "Invalid password for group `%s' from `%s'",
 				 groupname, pwd->pw_name));
 			sleep (1);
-			fputs (_("Invalid password."), stderr);
+			fputs (_("Invalid password.\n"), stderr);
 			goto failure;
 		}
 	}
@ -252,6 +252,8 @@ static void syslog_sg (const char *name, const char *group)
 		} else if (child) {
 			/* parent - wait for child to finish, then log session close */
 			int cst = 0;
+			gid_t gid = getgid();
+			struct group *grp = getgrgid (gid);

 			do {
 				errno = 0;
@ -265,10 +267,22 @@ static void syslog_sg (const char *name, const char *group)
 			} while ((pid == child && WIFSTOPPED (cst)) ||
 				 (pid != child && errno == EINTR));
 			/* local, no need for xgetgrgid */
-			SYSLOG ((LOG_INFO,
-				 "user `%s' (login `%s' on %s) returned to group `%s'",
-				 name, loginname, tty,
-				 getgrgid (gid)->gr_name));
+			if (NULL != grp) {
+				SYSLOG ((LOG_INFO,
+				         "user `%s' (login `%s' on %s) returned to group `%s'",
+				         name, loginname, tty, grp->gr_name));
+			} else {
+				SYSLOG ((LOG_INFO,
+				         "user `%s' (login `%s' on %s) returned to group `%d'",
+				         name, loginname, tty, gid));
+				/* Either the user's passwd entry has a
+				 * GID that does not match with any group,
+				 * or the group was deleted while the user
+				 * was in a newgrp session.*/
+				SYSLOG ((LOG_WARN,
+				         "unknown GID `%u' used by user `%s'",
+				         gid, name));
+			}
 			closelog ();
 			exit (0);
 		}