Sun Mar 15 20:03:49 2009 UTC ()

Pull up following revision(s) (requested by mlelstv in ticket #562):
	usr.sbin/user/user.c: revision 1.121
bin/40994: Michael van Elst: usermod -l change password so user is unable to
login. User getpwnam_r to avoid trashing result of previous call to getpwnam().


(snj)

diff -r1.120 -r1.120.4.1 src/usr.sbin/user/user.c

--- src/usr.sbin/user/user.c 2008/07/21 13:37:00	1.120
+++ src/usr.sbin/user/user.c 2009/03/15 20:03:49	1.120.4.1

 @@ -1,14 +1,14 @@
-/* $NetBSD: user.c,v 1.120 2008/07/21 13:37:00 lukem Exp $ */
+/* $NetBSD: user.c,v 1.120.4.1 2009/03/15 20:03:49 snj Exp $ */
 /*
  * Copyright (c) 1999 Alistair G. Crooks.  All rights reserved.
  * Copyright (c) 2005 Liam J. Foy.  All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
 @@ -23,27 +23,27 @@
  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
 #ifndef lint
 __COPYRIGHT("@(#) Copyright (c) 1999\
  The NetBSD Foundation, Inc.  All rights reserved.");
-__RCSID("$NetBSD: user.c,v 1.120 2008/07/21 13:37:00 lukem Exp $");
+__RCSID("$NetBSD: user.c,v 1.120.4.1 2009/03/15 20:03:49 snj Exp $");
 #endif
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/stat.h>
 #include <ctype.h>
 #include <dirent.h>
 #include <err.h>
 #include <fcntl.h>
 #include <grp.h>
 #ifdef EXTENSIONS
 #include <login_cap.h>
 @@ -1375,46 +1375,48 @@ is_local(char *name, const char *file)
 		if (strncmp(buf, name, len) == 0 && buf[len] == ':') {
 			ret = 1;
 			break;
+		}
+	}
 	(void)fclose(fp);
 	return ret;
+}
 /* modify a user */
 static int
 moduser(char *login_name, char *newlogin, user_t *up, int allow_samba)
+{
-	struct passwd  *pwp;
+	struct passwd  *pwp, pw;
 	struct group   *grp;
 	const char     *homedir;
 	char	       *locked_pwd;
 	size_t		colonc;
 	size_t		loginc;
 	size_t		len;
 	FILE	       *master;
 	char		newdir[MaxFileNameLen];
 	char	        buf[MaxEntryLen];
 	char		pwbuf[MaxEntryLen];
 	char	       *colon;
 	int		masterfd;
 	int		ptmpfd;
 	int		error;
 	if (!valid_login(newlogin, allow_samba)) {
 		errx(EXIT_FAILURE, "Can't modify user `%s': invalid login name",
 		    login_name);
+	}
-	if ((pwp = getpwnam(login_name)) == NULL) {
+	if (getpwnam_r(login_name, &pw, pwbuf, sizeof(pwbuf), &pwp) != 0
 	    || pwp == NULL) {
 		errx(EXIT_FAILURE, "Can't modify user `%s': no such user",
 		    login_name);
+	}
 	if (!is_local(login_name, _PATH_MASTERPASSWD)) {
 		errx(EXIT_FAILURE, "Can't modify user `%s': must be a local user",
 		    login_name);
+	}
 	/* keep dir name in case we need it for '-m' */
 	homedir = pwp->pw_dir;
 	if ((masterfd = open(_PATH_MASTERPASSWD, O_RDONLY)) < 0) {
 		err(EXIT_FAILURE, "Can't modify user `%s': can't open `%s'",
 		    login_name, _PATH_MASTERPASSWD);