From bd404f5fd3b188d1fe4b894f0699aa607f16fa14 Mon Sep 17 00:00:00 2001
From: Wouter Wijngaards
Date: Mon, 23 Mar 2015 20:20:15 +0000
Subject: [PATCH] - Fix segfault on user not found at startup (from Maciej Soltysiak).
git-svn-id: file:///svn/unbound/trunk@3375 be551aaa-1e26-0410-a405-d3ace91eadb9
---
 daemon/remote.c | 3 ++-
 daemon/unbound.c | 6 +++---
 doc/Changelog | 3 +++
 util/config_file.c | 6 ++++--
 4 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/daemon/remote.c b/daemon/remote.c
index f88e0e580..894b63fee 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -328,7 +328,8 @@ add_open(const char* ip, int nr, struct listen_port** list, int noproto_is_err,
 */
 if(fd != -1) {
 #ifdef HAVE_CHOWN
- if (cfg->username && cfg->username[0])
+ if (cfg->username && cfg->username[0] &&
+ cfg_uid != (uid_t)-1)
 chown(ip, cfg_uid, cfg_gid);
 chmod(ip, (mode_t)(S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP));
 #else
diff --git a/daemon/unbound.c b/daemon/unbound.c
index b70e39686..8e07c3895 100644
--- a/daemon/unbound.c
+++ b/daemon/unbound.c
@@ -503,7 +503,7 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
 #ifdef HAVE_KILL
 if(cfg->pidfile && cfg->pidfile[0]) {
 writepid(daemon->pidfile, getpid());
- if(cfg->username && cfg->username[0]) {
+ if(cfg->username && cfg->username[0] && cfg_uid != (uid_t)-1) {
 # ifdef HAVE_CHOWN
 if(chown(daemon->pidfile, cfg_uid, cfg_gid) == -1) {
 log_err("cannot chown %u.%u %s: %s",
@@ -519,7 +519,7 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
 /* Set user context */
 #ifdef HAVE_GETPWNAM
- if(cfg->username && cfg->username[0]) {
+ if(cfg->username && cfg->username[0] && cfg_uid != (uid_t)-1) {
 #ifdef HAVE_SETUSERCONTEXT
 /* setusercontext does initgroups, setuid, setgid, and
 * also resource limits from login config, but we
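Review bot: With the added `cfg_uid != (uid_t)-1` test on the `/* Set user context */` block, a configured `username` that fails to resolve now skips the credential change instead of stopping startup; the same guard is added to the `/* drop permissions ... */` block in the hunk at line 586 and to the pidfile chown in the hunk at line 503. From the visible lines the only signal is the `log_err` in config_lookup_uid, so the daemon presumably keeps running with the privileges it was started with, which for a root-started resolver is the opposite of what the operator configured. If that is not intended, fail closed before these blocks, e.g. `if(cfg->username && cfg->username[0] && cfg_uid == (uid_t)-1) fatal_exit("user '%s' does not exist.", cfg->username);`. perform_setup's body continues outside these hunks, so a check elsewhere in the function may already cover this.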
@@ -586,7 +586,7 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
 /* drop permissions after chroot, getpwnam, pidfile, syslog done*/
 #ifdef HAVE_GETPWNAM
- if(cfg->username && cfg->username[0]) {
+ if(cfg->username && cfg->username[0] && cfg_uid != (uid_t)-1) {
 # ifdef HAVE_INITGROUPS
 if(initgroups(cfg->username, cfg_gid) != 0)
 log_warn("unable to initgroups %s: %s",
diff --git a/doc/Changelog b/doc/Changelog
index 54ddcf9f4..6efb8552b 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+23 March 2015: Wouter
+ - Fix segfault on user not found at startup (from Maciej Soltysiak).
+
 20 March 2015: Wouter
 - Fixed to add integer overflow checks on allocation (defense in depth).
diff --git a/util/config_file.c b/util/config_file.c
index a212d1787..45a48880a 100644
--- a/util/config_file.c
+++ b/util/config_file.c
@@ -1220,8 +1220,10 @@ void config_lookup_uid(struct config_file* cfg)
 struct passwd *pwd;
 if((pwd = getpwnam(cfg->username)) == NULL)
 log_err("user '%s' does not exist.", cfg->username);
- cfg_uid = pwd->pw_uid;
- cfg_gid = pwd->pw_gid;
+ else {
+ cfg_uid = pwd->pw_uid;
+ cfg_gid = pwd->pw_gid;
+ }
 }
 #else
 (void)cfg;
-- 
2.47.2
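Review bot: The new `else` leaves `cfg_uid` and `cfg_gid` untouched when `getpwnam` fails, so the `!= (uid_t)-1` guards added in remote.c and unbound.c only hold if both variables still carry their initial value, which is not visible in this hunk. If config_lookup_uid can run more than once (for example after a reload with a changed `username`), a failed lookup would keep the previous user's ids and every guard would pass with stale values. Resetting in the failure branch makes the sentinel explicit: put `cfg_uid = (uid_t)-1; cfg_gid = (gid_t)-1;` next to the `log_err`, with braces around that branch. A short comment stating that `(uid_t)-1` means the lookup failed or no user is configured would also help, since the function returns void and callers have no other signal.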