userspec: disallow an ID that maps to (uid_t)-1 or (gid_t)-1

* lib/userspec.c (parse_with_separator): Do not accept a user ID
number of MAXUID when it evaluates to (uid_t) -1.
Likewise for group ID.  Reported by Matt McCutchen in
<http://savannah.gnu.org/bugs/?28113>

diff --git a/ChangeLog b/ChangeLog
index e274ef72a5ecc2b7541165cd46a0ca2fba08237d..0f130f5596f66122daf223337e070ffc3cb2438d 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
 2009-11-28  Jim Meyering  <meyering@redhat.com>
 
+       userspec: disallow an ID that maps to (uid_t)-1 or (gid_t)-1
+       * lib/userspec.c (parse_with_separator): Do not accept a user ID
+       number of MAXUID when it evaluates to (uid_t) -1.
+       Likewise for group ID.  Reported by Matt McCutchen in
+       <http://savannah.gnu.org/bugs/?28113>
+
        userspec: reformat to use spaces, not TABs
        * lib/userspec.c: Expand TABs to spaces.
        Add Emacs' "indent-tabs-mode: nil" hint.

diff --git a/lib/userspec.c b/lib/userspec.c
index fa2f26fa097286d941ec11d66c9fda72309abebd..0388cb1d5b4a6d3cc953d71f028e9f22a75d19cb 100644 (file)
--- a/lib/userspec.c
+++ b/lib/userspec.c
@@ -169,7 +169,7 @@ parse_with_separator (char const *spec, char const *separator,
             {
               unsigned long int tmp;
               if (xstrtoul (u, NULL, 10, &tmp, "") == LONGINT_OK
-                  && tmp <= MAXUID)
+                  && tmp <= MAXUID && (uid_t) tmp != (uid_t) -1)
                 unum = tmp;
               else
                 error_msg = E_invalid_user;
@@ -200,7 +200,8 @@ parse_with_separator (char const *spec, char const *separator,
       if (grp == NULL)
         {
           unsigned long int tmp;
-          if (xstrtoul (g, NULL, 10, &tmp, "") == LONGINT_OK && tmp <= MAXGID)
+          if (xstrtoul (g, NULL, 10, &tmp, "") == LONGINT_OK
+              && tmp <= MAXGID && (gid_t) tmp != (gid_t) -1)
             gnum = tmp;
           else
             error_msg = E_invalid_group;