From: nekral-guest <nekral-guest@5a98b0ae-9ef6-0310-add3-de5d479b70d7>
Date: Wed, 16 Apr 2008 21:52:46 +0000 (+0000)
Subject: Ensure that getpwent() is used in setpwent(), getpwent(),
X-Git-Tag: 4.1.2~33
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7baffa5e74b9eea72635e644461069dcd478a259;p=shadow

Ensure that getpwent() is used in setpwent(), getpwent(),
endpwend() sequences (ditto for getgrent(), getspent(), and
getsgent()). The only real (minor) issue was in login, which kept
the passwd file open.
* libmisc/entry.c: Remove unneeded setspent() and endspent() (only
  getspnam is called in the middle).
* libmisc/find_new_ids.c: Make sure to close the password and
  group files with endpwent() and endgrent().
* libmisc/pwdcheck.c: Remove unneeded endspent() (only getspnam()
  is called before).
* src/lastlog.c, src/passwd.c, src/groupmod.c, src/faillog.c,
  src/groups.c: Make sure to close
  the password file with endpwent().
* src/login.c: Remove unneeded setpwent() (only xgetpwnam is
  called before).
* src/login.c, src/newgrp.c: Fix typos in comments.
---

diff --git a/ChangeLog b/ChangeLog
index dc3630a9..ac6fef85 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,22 @@
+2008-04-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Ensure that getpwent() is used in setpwent(), getpwent(),
+	endpwend() sequences (ditto for getgrent(), getspent(), and
+	getsgent()). The only real (minor) issue was in login, which kept
+	the passwd file open.
+	* libmisc/entry.c: Remove unneeded setspent() and endspent() (only
+	getspnam is called in the middle).
+	* libmisc/find_new_ids.c: Make sure to close the password and
+	group files with endpwent() and endgrent().
+	* libmisc/pwdcheck.c: Remove unneeded endspent() (only getspnam()
+	is called before).
+	* src/lastlog.c, src/passwd.c, src/groupmod.c, src/faillog.c,
+	src/groups.c: Make sure to close
+	the password file with endpwent().
+	* src/login.c: Remove unneeded setpwent() (only xgetpwnam is
+	called before).
+	* src/login.c, src/newgrp.c: Fix typos in comments.
+
 2008-04-16  Nicolas François  <nicolas.francois@centraliens.net>
 
 	* NEWS, configure.in: Fix the detection of the audit, pam, and
diff --git a/libmisc/entry.c b/libmisc/entry.c
index 5b95eba1..3316c8d5 100644
--- a/libmisc/entry.c
+++ b/libmisc/entry.c
@@ -54,14 +54,11 @@ void pw_entry (const char *name, struct passwd *pwent)
 		pwent->pw_dir = xstrdup (passwd->pw_dir);
 		pwent->pw_shell = xstrdup (passwd->pw_shell);
 #if !defined(AUTOSHADOW)
-		setspent ();
 		/* local, no need for xgetspnam */
 		if ((spwd = getspnam (name))) {
 			pwent->pw_passwd = xstrdup (spwd->sp_pwdp);
-			endspent ();
 			return;
 		}
-		endspent ();
 #endif
 		pwent->pw_passwd = xstrdup (passwd->pw_passwd);
 	}
diff --git a/libmisc/find_new_ids.c b/libmisc/find_new_ids.c
index 66dc6e80..90e4ceef 100644
--- a/libmisc/find_new_ids.c
+++ b/libmisc/find_new_ids.c
@@ -65,6 +65,7 @@ int find_new_uid (int sys_user, uid_t *uid, uid_t const *preferred_uid)
 			user_id = pwd->pw_uid + 1;
 		}
 	}
+	endpwent ();
 
 	/*
 	 * If a user with UID equal to UID_MAX exists, the above algorithm
@@ -146,6 +147,7 @@ int find_new_gid (int sys_group, gid_t *gid, gid_t const *preferred_gid)
 			group_id = grp->gr_gid + 1;
 		}
 	}
+	endgrent ();
 
 	/*
 	 * If a group with GID equal to GID_MAX exists, the above algorithm
diff --git a/libmisc/pwdcheck.c b/libmisc/pwdcheck.c
index 1750ebf3..ce0a4f2c 100644
--- a/libmisc/pwdcheck.c
+++ b/libmisc/pwdcheck.c
@@ -46,7 +46,6 @@ void passwd_check (const char *user, const char *passwd, const char *progname)
 
 	if ((sp = getspnam (user))) /* !USE_PAM, no need for xgetspnam */
 		passwd = sp->sp_pwdp;
-	endspent ();
 	if (pw_auth (passwd, user, PW_LOGIN, (char *) 0) != 0) {
 		SYSLOG ((LOG_WARN, WRONGPWD2, user));
 		sleep (1);
diff --git a/src/faillog.c b/src/faillog.c
index 024e044d..36c38ff0 100644
--- a/src/faillog.c
+++ b/src/faillog.c
@@ -170,6 +170,7 @@ static void reset (void)
 		while ( (pwent = getpwent ()) != NULL ) {
 			reset_one (pwent->pw_uid);
 		}
+		endpwent ();
 	}
 }
 
@@ -246,8 +247,10 @@ static void setmax (int max)
 		setmax_one (user, max);
 	} else {
 		setpwent ();
-		while ((pwent = getpwent ()))
+		while ( (pwent = getpwent ()) != NULL ) {
 			setmax_one (pwent->pw_uid, max);
+		}
+		endpwent ();
 	}
 }
 
@@ -288,8 +291,10 @@ static void set_locktime (long locktime)
 		set_locktime_one (user, locktime);
 	} else {
 		setpwent ();
-		while ((pwent = getpwent ()))
+		while ( (pwent = getpwent ()) != NULL ) {
 			set_locktime_one (pwent->pw_uid, locktime);
+		}
+		endpwent ();
 	}
 }
 
diff --git a/src/groupmod.c b/src/groupmod.c
index 274c3adb..1a3f55b3 100644
--- a/src/groupmod.c
+++ b/src/groupmod.c
@@ -547,6 +547,7 @@ void update_primary_groups (gid_t ogid, gid_t ngid)
 			}
 		}
 	}
+	endpwent ();
 }
 
 /*
diff --git a/src/groups.c b/src/groups.c
index 53fdfb7d..9f89a705 100644
--- a/src/groups.c
+++ b/src/groups.c
@@ -57,13 +57,12 @@ static void print_groups (const char *member)
 	struct passwd *pwd;
 	int flag = 0;
 
-	setgrent ();
-
 	/* local, no need for xgetpwnam */
 	if ((pwd = getpwnam (member)) == 0) {
 		fprintf (stderr, _("%s: unknown user %s\n"), Prog, member);
 		exit (1);
 	}
+	setgrent ();
 	while ((grp = getgrent ())) {
 		if (is_on_list (grp->gr_mem, member)) {
 			if (groups++)
@@ -74,6 +73,7 @@ static void print_groups (const char *member)
 				flag = 1;
 		}
 	}
+	endgrent ();
 	/* local, no need for xgetgrgid */
 	if (!flag && (grp = getgrgid (pwd->pw_gid))) {
 		if (groups++)
diff --git a/src/lastlog.c b/src/lastlog.c
index 445a1cc7..7b70bae6 100644
--- a/src/lastlog.c
+++ b/src/lastlog.c
@@ -128,7 +128,7 @@ static void print (void)
 	uid_t user;
 
 	setpwent ();
-	while ((pwent = getpwent ())) {
+	while ( (pwent = getpwent ()) != NULL ) {
 		user = pwent->pw_uid;
 		if (uflg &&
 		    ((umin != -1 && user < (uid_t)umin) ||
@@ -149,6 +149,7 @@ static void print (void)
 
 		print_one (pwent);
 	}
+	endpwent ();
 }
 
 int main (int argc, char **argv)
diff --git a/src/login.c b/src/login.c
index aa9e5560..79f3eedd 100644
--- a/src/login.c
+++ b/src/login.c
@@ -738,7 +738,6 @@ int main (int argc, char **argv)
 		 */
 		retcode =
 		    pam_get_item (pamh, PAM_USER, (const void **)ptr_pam_user);
-		setpwent ();
 		pwd = xgetpwnam (pam_user);
 		if (!pwd) {
 			SYSLOG ((LOG_ERR, "xgetpwnam(%s) failed",
@@ -962,7 +961,7 @@ int main (int argc, char **argv)
 	if (pwent.pw_shell[0] == '*') {	/* subsystem root */
 		pwent.pw_shell++;	/* skip the '*' */
 		subsystem (&pwent);	/* figure out what to execute */
-		subroot++;	/* say i was here again */
+		subroot++;	/* say I was here again */
 		endpwent ();	/* close all of the file which were */
 		endgrent ();	/* open in the original rooted file */
 		endspent ();	/* system. they will be re-opened */
diff --git a/src/newgrp.c b/src/newgrp.c
index bf94d8bd..3f07a4ed 100644
--- a/src/newgrp.c
+++ b/src/newgrp.c
@@ -695,7 +695,7 @@ int main (int argc, char **argv)
 		prog = "/bin/sh";
 
 	/*
-	 * Now i try to find the basename of the login shell. This will
+	 * Now I try to find the basename of the login shell. This will
 	 * become argv[0] of the spawned command.
 	 */
 	cp = Basename ((char *) prog);
diff --git a/src/passwd.c b/src/passwd.c
index e85b2fe2..42df517b 100644
--- a/src/passwd.c
+++ b/src/passwd.c
@@ -848,8 +848,10 @@ int main (int argc, char **argv)
 			exit (E_NOPERM);
 		}
 		setpwent ();
-		while ((pw = getpwent ()))
+		while ( (pw = getpwent ()) != NULL ) {
 			print_status (pw);
+		}
+		endpwent ();
 		exit (E_SUCCESS);
 	}
 #if 0