Fix a seg fault in mod_userdir.c. We used to use the pw structure

without ever filling it out.

PR:	7271
Submitted by:	Taketo Kabe <kabe@sra-tohoku.co.jp> and Cliff Woolley <cliffwoolley@yahoo.com>]

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88279 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index 1f69989f8a71b90973c0aa6440135f0a2bdc996f..23e34dc0a8297ff0caa8ab298219d1446db238b9 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,10 @@
 Changes with Apache 2.0.12-dev
 
+  *) Fix a seg fault in mod_userdir.c.  We used to use the pw structure
+     without ever filling it out.  This fixes PR 7271.
+     [Taketo Kabe <kabe@sra-tohoku.co.jp> and 
+      Cliff Woolley <cliffwoolley@yahoo.com>]
+
   *) Add a couple of GCC attribute tags to printf style functions.
      [Jon Travis <jtravis@covalent.net>]
 

diff --git a/modules/mappers/mod_userdir.c b/modules/mappers/mod_userdir.c
index 91e4b58c1b6637f1054fc133be9dad72f72f87f5..baf8a51b129e922f238e7e69c384dea4b79007b5 100644 (file)
--- a/modules/mappers/mod_userdir.c
+++ b/modules/mappers/mod_userdir.c
@@ -357,9 +357,9 @@ static int translate_userdir(request_rec *r)
 #ifdef HAVE_UNIX_SUEXEC
 static ap_unix_identity_t *get_suexec_id_doer(const request_rec *r)
 {
-    const char *username = apr_table_get(r->notes, "mod_userdir_user");
-    struct passwd *pw = NULL;
     ap_unix_identity_t *ugid = NULL;
+#if APR_HAS_USER
+    const char *username = apr_table_get(r->notes, "mod_userdir_user");
 
     if (username == NULL) {
         return NULL;
@@ -369,9 +369,11 @@ static ap_unix_identity_t *get_suexec_id_doer(const request_rec *r)
         return NULL;
     }
 
-    ugid->uid = pw->pw_uid;
-    ugid->gid = pw->pw_gid;
-    
+    if (apr_get_userid(&ugid->uid, &ugid->gid, username, r->pool) != APR_SUCCESS) {
+        return NULL;
+    }
+
+#endif 
     return ugid;
 }
 #endif /* HAVE_UNIX_SUEXEC */