about summary refs log tree commit diff
path: root/nscd
diff options
context:
space:
mode:
Diffstat (limited to 'nscd')
-rw-r--r--nscd/grpcache.c12
-rw-r--r--nscd/pwdcache.c12
2 files changed, 22 insertions, 2 deletions
diff --git a/nscd/grpcache.c b/nscd/grpcache.c
index 93a7a0d86d..05ba40ed7c 100644
--- a/nscd/grpcache.c
+++ b/nscd/grpcache.c
@@ -246,8 +246,18 @@ addgrbygid (struct database *db, int fd, request_header *req,
   char *buffer = alloca (buflen);
   struct group resultbuf;
   struct group *grp;
-  gid_t gid = atol (key);
   uid_t oldeuid = 0;
+  char *ep;
+  gid_t gid = strtoul ((char *)key, &ep, 10); 
+  
+  if (*(char*)key == '\0' || *ep != '\0')  /* invalid numeric gid */
+    {
+      if (debug_level > 0)
+        dbg_log (_("Invalid numeric gid \"%s\"!"), (char *)key);
+
+      errno = EINVAL;
+      return;
+    }
 
   if (debug_level > 0)
     dbg_log (_("Haven't found \"%d\" in group cache!"), gid);
diff --git a/nscd/pwdcache.c b/nscd/pwdcache.c
index 94d8bd2d55..cae33033e9 100644
--- a/nscd/pwdcache.c
+++ b/nscd/pwdcache.c
@@ -242,8 +242,18 @@ addpwbyuid (struct database *db, int fd, request_header *req,
   char *buffer = alloca (buflen);
   struct passwd resultbuf;
   struct passwd *pwd;
-  uid_t uid = atol (key);
   uid_t oldeuid = 0;
+  char *ep;
+  uid_t uid = strtoul ((char*) key, &ep, 10); 
+  
+  if (*(char*)key == '\0' || *ep != '\0')  /* invalid numeric uid */
+    {
+      if (debug_level > 0) 
+        dbg_log (_("Invalid numeric uid \"%s\"!"), (char *)key);
+
+      errno = EINVAL;
+      return;
+    }
 
   if (debug_level > 0)
     dbg_log (_("Haven't found \"%d\" in password cache!"), uid);