user-record: Handle invalid uid/gid case

I'm not that familiar with outer code to guide Coverity with an
assert(), so consider invalid uid/gid as non-matching in order to avoid
-EINVAL for bit shifts calculation.

Fixes: CID#1590746

diff --git a/src/shared/group-record.c b/src/shared/group-record.c
index 911c6c8f0bc4f04058684dfb70390ddd8004c146..76d23259ce6520ae030b521427458499384e31a3 100644 (file)
--- a/src/shared/group-record.c
+++ b/src/shared/group-record.c
@@ -350,6 +350,9 @@ int group_record_match(GroupRecord *h, const UserDBMatch *match) {
         if (!match)
                 return true;
 
+        if (!gid_is_valid(h->gid))
+                return false;
+
         if (h->gid < match->gid_min || h->gid > match->gid_max)
                 return false;
 

diff --git a/src/shared/user-record.c b/src/shared/user-record.c
index 4817bec0735b584fc6767479eec6e6c577b7a7ff..4c8e41cd8953887d324870a55091c1d367576ac0 100644 (file)
--- a/src/shared/user-record.c
+++ b/src/shared/user-record.c
@@ -2775,6 +2775,9 @@ int user_record_match(UserRecord *u, const UserDBMatch *match) {
         if (!match)
                 return true;
 
+        if (!uid_is_valid(u->uid))
+                return false;
+
         if (u->uid < match->uid_min || u->uid > match->uid_max)
                 return false;