git: cd0359507027 - stable/14 - lposix: Use reentrant passwd and group lookup functions

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Mark Johnston <markj_at_FreeBSD.org>
Date: Tue, 29 Jul 2025 12:49:07 UTC
The branch stable/14 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=cd03595070272fa97b0f3c9ca78e9d828918580b

commit cd03595070272fa97b0f3c9ca78e9d828918580b
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2025-07-04 19:06:10 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2025-07-29 12:08:32 +0000

    lposix: Use reentrant passwd and group lookup functions
    
    The implementation of chown() in the posix module handles user and group
    names as well as numeric IDs.  When resolving names, be sure to use
    reentrant lookup functions rather than assuming it's safe to clobber the
    internal buffers used by getpwnam() and getgrnam().
    
    Fix some style nits while here.
    
    Reviewed by:    imp, bapt
    MFC after:      2 weeks
    Differential Revision:  https://reviews.freebsd.org/D46555
    
    (cherry picked from commit 88d94ead7f7cfb7ea7c4134b4cd2f89da670a8e1)
---
 libexec/flua/modules/lposix.c | 29 +++++++++++++++++++----------
 1 file changed, 19 insertions(+), 10 deletions(-)

diff --git a/libexec/flua/modules/lposix.c b/libexec/flua/modules/lposix.c
index fa3fd5f8e589..bc55f35a942a 100644
--- a/libexec/flua/modules/lposix.c
+++ b/libexec/flua/modules/lposix.c
@@ -68,19 +68,24 @@ lua_chown(lua_State *L)
 {
 	int n;
 	const char *path;
-	uid_t owner = (uid_t) -1;
-	gid_t group = (gid_t) -1;
+	uid_t owner = (uid_t)-1;
+	gid_t group = (gid_t)-1;
+	int error;
 
 	n = lua_gettop(L);
 	luaL_argcheck(L, n > 1, n,
 	   "chown takes at least two arguments");
 	path = luaL_checkstring(L, 1);
 	if (lua_isinteger(L, 2))
-		owner = (uid_t) lua_tointeger(L, 2);
+		owner = (uid_t)lua_tointeger(L, 2);
 	else if (lua_isstring(L, 2)) {
-		struct passwd *p = getpwnam(lua_tostring(L, 2));
-		if (p != NULL)
-			owner = p->pw_uid;
+		char buf[4096];
+		struct passwd passwd, *pwd;
+
+		error = getpwnam_r(lua_tostring(L, 2), &passwd,
+		    buf, sizeof(buf), &pwd);
+		if (error == 0)
+			owner = pwd->pw_uid;
 		else
 			return (luaL_argerror(L, 2,
 			    lua_pushfstring(L, "unknown user %s",
@@ -93,11 +98,15 @@ lua_chown(lua_State *L)
 	}
 
 	if (lua_isinteger(L, 3))
-		group = (gid_t) lua_tointeger(L, 3);
+		group = (gid_t)lua_tointeger(L, 3);
 	else if (lua_isstring(L, 3)) {
-		struct group *g = getgrnam(lua_tostring(L, 3));
-		if (g != NULL)
-			group = g->gr_gid;
+		char buf[4096];
+		struct group gr, *grp;
+
+		error = getgrnam_r(lua_tostring(L, 3), &gr, buf, sizeof(buf),
+		    &grp);
+		if (error == 0)
+			group = grp->gr_gid;
 		else
 			return (luaL_argerror(L, 3,
 			    lua_pushfstring(L, "unknown group %s",