Adjust parser ordering to error out on invalid names

See tianon/gosu@fd60171 and tianon/gosu@f87df69. The basic problem is that an invalid name like `bogus` will quietly run as `root` instead of being denied entirely (which those test updates look for and this change is verified to fix). I've run this updated implementation successfully against all of the test cases in https://github.com/tianon/gosu/blob/f87df69c868e19f7258b4facb7c2472d76d98dda/Dockerfile.test.
ncopa · Sep 18, 2019 · 212b751 · 212b751
1 parent dddd156
commit 212b751
Showing 1 changed file with 13 additions and 11 deletions.
diff --git a/su-exec.c b/su-exec.c
@@ -40,10 +40,14 @@ int main(int argc, char *argv[])
 
  struct passwd *pw = NULL;
  if (user[0] != '\0') {
- pw = getpwnam(user);
  uid_t nuid = strtol(user, &end, 10);
  if (*end == '\0')
  uid = nuid;
+ else {
+ pw = getpwnam(user);
+ if (pw == NULL)
+ err(1, "getpwnam(%s)", user);
+ }
  }
  if (pw == NULL) {
  pw = getpwuid(uid);
@@ -59,17 +63,15 @@ int main(int argc, char *argv[])
  /* group was specified, ignore grouplist for setgroups later */
  pw = NULL;
 
- struct group *gr = getgrnam(group);
- if (gr == NULL) {
- gid_t ngid = strtol(group, &end, 10);
- if (*end == '\0') {
- gr = getgrgid(ngid);
- if (gr == NULL)
- gid = ngid;
- }
- }
- if (gr != NULL)
+ gid_t ngid = strtol(group, &end, 10);
+ if (*end == '\0')
+ gid = ngid;
+ else {
+ struct group *gr = getgrnam(group);
+ if (gr == NULL)
+ err(1, "getgrnam(%s)", group);
  gid = gr->gr_gid;
+ }
  }
 
  if (pw == NULL) {