From 12ced70c95fe8efbcec09a372f0af81d819bb8cd Mon Sep 17 00:00:00 2001
From: Simon Wilkinson <sxw@your-file-system.com>
Date: Wed, 27 Feb 2013 09:23:07 +0000
Subject: [PATCH] pt_util: Protect against corrupt input files

If we have an input file which contains a group membership line
(with a leading space) before any group definitions occur, pt_util
would use stack garbage as the group to create these members in.

Avoid this by requiring the presence of a group line before any
membership lines.

Caught by coverity (#92180, #986000, #92248)

Change-Id: I536f089d67041dbf90f35b6dfeed5ba3303318a8
Reviewed-on: http://gerrit.openafs.org/9296
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
---
 src/ptserver/pt_util.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/ptserver/pt_util.c b/src/ptserver/pt_util.c
index f1e9c39..a69e0b4 100644
--- a/src/ptserver/pt_util.c
+++ b/src/ptserver/pt_util.c
@@ -234,6 +234,7 @@ CommandProc(struct cmd_syndesc *a_as, void *arock)
 
 	while (fgets(buffer, sizeof(buffer), dfp)) {
 	    int id, oid, cid, flags, quota, uid;
+	    int seenGroup = 0;
 	    char name[PR_MAXNAMELEN], mem[PR_MAXNAMELEN];
 
 	    if (isspace(*buffer)) {
@@ -244,6 +245,13 @@ CommandProc(struct cmd_syndesc *a_as, void *arock)
 		    exit(1);
 		}
 
+		if (!seenGroup) {
+		    fprintf(stderr,
+			    "Group member %s listed outside of group\n",
+			    mem);
+		    exit(1);
+		}
+
 		for (u = usr_head; u; u = u->next)
 		    if (u->uid && u->uid == uid)
 			break;
@@ -300,6 +308,8 @@ CommandProc(struct cmd_syndesc *a_as, void *arock)
 		    exit(1);
 		}
 
+		seenGroup = 1;
+
 		if (FindByID(0, id))
 		    code = PRIDEXIST;
 		else
-- 
1.9.4