diff options
| author | Roy T. Fielding <fielding@apache.org> | 2008-05-13 02:21:33 +0000 |
|---|---|---|
| committer | Roy T. Fielding <fielding@apache.org> | 2008-05-13 02:21:33 +0000 |
| commit | a42c37fd05933d8b588b031072dc7637aebccb14 (patch) | |
| tree | 8d012316b54946b806d418d8603f73503c54c098 /support | |
| parent | cd7f5da7d4fb63b1c69370980a6ee7d7c704ad4c (diff) | |
| download | httpd-a42c37fd05933d8b588b031072dc7637aebccb14.tar.gz | |
When group is given as a numeric gid, validate it by looking up the
actual group name such that the name can be used in log entries.
PR: 7862
Submitted by: <y-koga apache.or.jp>, Leif W <warp-9.9 usa.net>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@655711 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'support')
| -rw-r--r-- | support/suexec.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/support/suexec.c b/support/suexec.c index 1037a06c6e..59371be0bb 100644 --- a/support/suexec.c +++ b/support/suexec.c @@ -395,13 +395,15 @@ int main(int argc, char *argv[]) log_err("invalid target group name: (%s)\n", target_gname); exit(106); } - gid = gr->gr_gid; - actual_gname = strdup(gr->gr_name); } else { - gid = atoi(target_gname); - actual_gname = strdup(target_gname); + if ((gr = getgrgid(atoi(target_gname))) == NULL) { + log_err("invalid target group id: (%s)\n", target_gname); + exit(106); + } } + gid = gr->gr_gid; + actual_gname = strdup(gr->gr_name); #ifdef _OSD_POSIX /* |