pt_util: Protect against corrupt input files

If we have an input file which contains a group membership line
(with a leading space) before any group definitions occur, pt_util
would use stack garbage as the group to create these members in.

Avoid this by requiring the presence of a group line before any
membership lines.

Caught by coverity (#92180, #986000, #92248)

Change-Id: I536f089d67041dbf90f35b6dfeed5ba3303318a8
Reviewed-on: http://gerrit.openafs.org/9296
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

diff --git a/src/ptserver/pt_util.c b/src/ptserver/pt_util.c
index f1e9c39..a69e0b4 100644 (file)
--- a/src/ptserver/pt_util.c
+++ b/src/ptserver/pt_util.c
@@ -234,6 +234,7 @@ CommandProc(struct cmd_syndesc *a_as, void *arock)
 
        while (fgets(buffer, sizeof(buffer), dfp)) {
            int id, oid, cid, flags, quota, uid;
+           int seenGroup = 0;
            char name[PR_MAXNAMELEN], mem[PR_MAXNAMELEN];
 
            if (isspace(*buffer)) {
@@ -244,6 +245,13 @@ CommandProc(struct cmd_syndesc *a_as, void *arock)
                    exit(1);
                }
 
+               if (!seenGroup) {
+                   fprintf(stderr,
+                           "Group member %s listed outside of group\n",
+                           mem);
+                   exit(1);
+               }
+
                for (u = usr_head; u; u = u->next)
                    if (u->uid && u->uid == uid)
                        break;
@@ -300,6 +308,8 @@ CommandProc(struct cmd_syndesc *a_as, void *arock)
                    exit(1);
                }
 
+               seenGroup = 1;
+
                if (FindByID(0, id))
                    code = PRIDEXIST;
                else