From 67c7c892b9fcb946792b380a30c4ba704c700934 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Mon, 26 Oct 2015 00:38:21 +0100
Subject: user-util: never hand out or accept invalid UIDs

libc isn't that strict, but it's a good idea if we are, to not create
confusion around invalid user ids.
---
 src/basic/user-util.c | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

(limited to 'src/basic/user-util.c')

diff --git a/src/basic/user-util.c b/src/basic/user-util.c
index b5e6ce8a8a..7e6c4c645d 100644
--- a/src/basic/user-util.c
+++ b/src/basic/user-util.c
@@ -138,11 +138,19 @@ int get_user_creds(
         if (!p)
                 return errno > 0 ? -errno : -ESRCH;
 
-        if (uid)
+        if (uid) {
+                if (!uid_is_valid(p->pw_uid))
+                        return -EBADMSG;
+
                 *uid = p->pw_uid;
+        }
+
+        if (gid) {
+                if (!gid_is_valid(p->pw_gid))
+                        return -EBADMSG;
 
-        if (gid)
                 *gid = p->pw_gid;
+        }
 
         if (home)
                 *home = p->pw_dir;
@@ -185,8 +193,12 @@ int get_group_creds(const char **groupname, gid_t *gid) {
         if (!g)
                 return errno > 0 ? -errno : -ESRCH;
 
-        if (gid)
+        if (gid) {
+                if (!gid_is_valid(g->gr_gid))
+                        return -EBADMSG;
+
                 *gid = g->gr_gid;
+        }
 
         return 0;
 }
@@ -278,6 +290,9 @@ int in_gid(gid_t gid) {
         if (getegid() == gid)
                 return 1;
 
+        if (!gid_is_valid(gid))
+                return -EINVAL;
+
         ngroups_max = sysconf(_SC_NGROUPS_MAX);
         assert(ngroups_max > 0);
 
-- 
cgit v1.2.3-54-g00ecf