PHP :: Bug #68812 :: Unchecked return value

Bug #68812 Unchecked return value
Submitted: 2015-01-12 15:48 UTC
Modified: 2015-06-09 22:39 UTC
From: bugreports at internot dot info
Assigned: gwang
Status: Closed
Package: Other web server
PHP Version: master-Git-2015-01-12 (Git)
OS: Linux Ubuntu 14.04
Private report: No
CVE-ID: None

 [2015-01-12 15:48 UTC] bugreports at internot dot info

Description:
------------
Hi,

In /sapi/litespeed/lsapilib.c:


3114        pw = getpwnam( "nobody" );


is not checked against NULL, as it is everywhere else.

This may cause a null pointer dereference.


 [2015-06-08 18:27 UTC] cmb@php.net

-Package: *General Issues
+Package: Other web server
-Assigned To:
+Assigned To: gwang

 [2015-06-08 18:27 UTC] cmb@php.net

George, can you please have a look at this issue?

 [2015-06-08 19:52 UTC] gwang@php.net

Fix has been committed. You can apply the following patch:

diff --git a/sapi/litespeed/lsapilib.c b/sapi/litespeed/lsapilib.c
index baf0db3..a109909 100644
@@ -3131,10 +3131,20 @@ static int lsapi_initSuEXEC()
     if ( !s_defaultUid || !s_defaultGid )
     {
         pw = getpwnam( "nobody" );
-        if ( !s_defaultUid )
-            s_defaultUid = pw->pw_uid;
-        if ( !s_defaultGid )
-            s_defaultGid = pw->pw_gid;
+        if ( pw )
+        {
+            if ( !s_defaultUid )
+                s_defaultUid = pw->pw_uid;
+            if ( !s_defaultGid )
+                s_defaultGid = pw->pw_gid;
+        }
+        else
+        {
+            if ( !s_defaultUid )
+                s_defaultUid = 10000;
+            if ( !s_defaultGid )
+                s_defaultGid = 10000;
+        }
     }
     return 0;
 }
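
Review bot: in the new else branch, the fallback value 10000 for both s_defaultUid and s_defaultGid is an undocumented magic number, and the failed getpwnam( "nobody" ) lookup is swallowed silently because the function still ends in return 0. On a host without a "nobody" account the defaults then become an ID that may be unassigned or may belong to an unrelated account, with nothing to tell the operator that this happened. Consider a named constant with a comment explaining why that value was chosen, and either reporting the lookup failure or returning a non-zero result from lsapi_initSuEXEC() so the caller can decide how to proceed.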

 [2015-06-09 12:02 UTC] cmb@php.net

-Status: Assigned
+Status: Closed

 [2015-06-09 12:02 UTC] cmb@php.net

The fix for this bug has been committed.

Thank you for the report, and for helping us make PHP better.

 [2015-06-09 22:39 UTC] stas@php.net

Please talk to me next time when (or even better, before) committing patches to 5.4. Otherwise they may be missed when upmerging and packaging the release.