diff options
Diffstat (limited to 'nscd')
-rw-r--r-- | nscd/grpcache.c | 12 | ||||
-rw-r--r-- | nscd/pwdcache.c | 12 |
2 files changed, 22 insertions, 2 deletions
diff --git a/nscd/grpcache.c b/nscd/grpcache.c index 93a7a0d86d..05ba40ed7c 100644 --- a/nscd/grpcache.c +++ b/nscd/grpcache.c @@ -246,8 +246,18 @@ addgrbygid (struct database *db, int fd, request_header *req, char *buffer = alloca (buflen); struct group resultbuf; struct group *grp; - gid_t gid = atol (key); uid_t oldeuid = 0; + char *ep; + gid_t gid = strtoul ((char *)key, &ep, 10); + + if (*(char*)key == '\0' || *ep != '\0') /* invalid numeric gid */ + { + if (debug_level > 0) + dbg_log (_("Invalid numeric gid \"%s\"!"), (char *)key); + + errno = EINVAL; + return; + } if (debug_level > 0) dbg_log (_("Haven't found \"%d\" in group cache!"), gid); diff --git a/nscd/pwdcache.c b/nscd/pwdcache.c index 94d8bd2d55..cae33033e9 100644 --- a/nscd/pwdcache.c +++ b/nscd/pwdcache.c @@ -242,8 +242,18 @@ addpwbyuid (struct database *db, int fd, request_header *req, char *buffer = alloca (buflen); struct passwd resultbuf; struct passwd *pwd; - uid_t uid = atol (key); uid_t oldeuid = 0; + char *ep; + uid_t uid = strtoul ((char*) key, &ep, 10); + + if (*(char*)key == '\0' || *ep != '\0') /* invalid numeric uid */ + { + if (debug_level > 0) + dbg_log (_("Invalid numeric uid \"%s\"!"), (char *)key); + + errno = EINVAL; + return; + } if (debug_level > 0) dbg_log (_("Haven't found \"%d\" in password cache!"), uid); |