From b684ea837dab27fa81da83a8047de0106bd0c9a4 Mon Sep 17 00:00:00 2001
From: nekral-guest <nekral-guest@5a98b0ae-9ef6-0310-add3-de5d479b70d7>
Date: Sat, 26 Jul 2008 16:11:49 +0000
Subject: [PATCH] =?UTF-8?q?2008-07-26=20=20Nicolas=20Fran=C3=A7ois=20=20<n?=
 =?UTF-8?q?icolas.francois@centraliens.net>?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

	* src/groupmems.c: Added Prog global variable to indicate the name
	of the program in error messages.

2008-07-22  Lukáš Kuklínek  <lkukline@redhat.com>

	* NEWS, src/groupmems.c: Check if the user added to group actually
	exist. RedHat bug #455603
	* NEWS, src/groupmems.c: Check if the group exists in the group
	local database (/etc/group). RedHat bug #456088
---
 ChangeLog       | 12 ++++++++++++
 NEWS            |  3 +++
 src/groupmems.c | 20 ++++++++++++++++++++
 3 files changed, 35 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 28648ed1..c9c45c88 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,15 @@
+2008-07-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Added Prog global variable to indicate the name
+	of the program in error messages.
+
+2008-07-22  Lukáš Kuklínek  <lkukline@redhat.com>
+
+	* NEWS, src/groupmems.c: Check if the user added to group actually
+	exist. RedHat bug #455603
+	* NEWS, src/groupmems.c: Check if the group exists in the group
+	local database (/etc/group). RedHat bug #456088
+
 2008-07-22  Nicolas François  <nicolas.francois@centraliens.net>
 
 	* lib/prototypes.h: Fix getrange prototype.
diff --git a/NEWS b/NEWS
index a4de8496..a5d06182 100644
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,9 @@ shadow-4.1.2.1 -> shadow-4.1.3						UNRELEASED
 - usermod
   * Allow adding LDAP users (or any user not present in the local passwd
     file) to local groups
+- groupmems
+  * Check if user exist before they are added to groups.
+  * Avoid segfault in case the specified group does not exist in /etc/group.
 
 shadow-4.1.2 -> shadow-4.1.2.1						26-06-2008
 
diff --git a/src/groupmems.c b/src/groupmems.c
index 5cfb6d00..a04f6a3a 100644
--- a/src/groupmems.c
+++ b/src/groupmems.c
@@ -54,6 +54,8 @@
 #define EXIT_NOT_PRIMARY	5	/* not primary owner of group  */
 #define EXIT_NOT_MEMBER		6	/* member of group does not exist */
 #define EXIT_MEMBER_EXISTS	7	/* member of group already exists */
+#define EXIT_INVALID_USER	8	/* specified user does not exist */
+#define EXIT_INVALID_GROUP	9	/* specified group does not exist */
 
 #define TRUE 1
 #define FALSE 0
@@ -67,6 +69,7 @@ static char *thisgroup = NULL;
 static int purge = FALSE;
 static int list = FALSE;
 static int exclusive = 0;
+static char *Prog;
 
 static int isroot (void)
 {
@@ -187,6 +190,11 @@ int main (int argc, char **argv)
 		{NULL, 0, NULL, '\0'}
 	};
 
+	/*
+	 * Get my name so that I can use it to report errors.
+	 */
+	Prog = Basename (argv[0]);
+
 	(void) setlocale (LC_ALL, "");
 	(void) bindtextdomain (PACKAGE, LOCALEDIR);
 	(void) textdomain (PACKAGE);
@@ -223,6 +231,12 @@ int main (int argc, char **argv)
 		usage ();
 	}
 
+	if (getpwnam(adduser) == NULL) {
+		fprintf (stderr, _("%s: user `%s' does not exist\n")
+		         Prog, adduser);
+		exit (EXIT_INVALID_USERNAME);
+	}
+
 	if (!isroot () && NULL != thisgroup) {
 		fputs (_("Only root can add members to different groups\n"),
 		       stderr);
@@ -284,6 +298,12 @@ int main (int argc, char **argv)
 
 	grp = (struct group *) gr_locate (name);
 
+	if (grp == NULL) {
+		fprintf (stderr, _("%s: `%s' not found in /etc/group\n"),
+		         Prog, name);
+		exit (EXIT_READ_GROUP);
+	}
+
 	if (NULL != adduser) {
 		addtogroup (adduser, grp->gr_mem);
 		gr_update (grp);