From b03a48297a3dc03ea59360345f352bc449189589 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Mon, 8 Aug 2011 10:57:16 +0200
Subject: Prevent segfault if vetoed_shells are specified without
 allowed_shells

https://fedorahosted.org/sssd/ticket/954
---
 src/responder/nss/nsssrv_cmd.c | 35 +++++++++++++++++++----------------
 1 file changed, 19 insertions(+), 16 deletions(-)

(limited to 'src/responder/nss/nsssrv_cmd.c')

diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index 5dbd3ca74..56ebe4815 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -316,8 +316,7 @@ static const char *get_shell_override(TALLOC_CTX *mem_ctx,
     if (!user_shell) return NULL;
     if (!nctx->allowed_shells && !nctx->vetoed_shells) return talloc_strdup(mem_ctx, user_shell);
 
-    if (nctx->vetoed_shells)
-    {
+    if (nctx->vetoed_shells) {
         for (i=0; nctx->vetoed_shells[i]; i++) {
             if (strcmp(nctx->vetoed_shells[i], user_shell) == 0) {
                 DEBUG(5, ("The shell '%s' is vetoed. "
@@ -327,24 +326,28 @@ static const char *get_shell_override(TALLOC_CTX *mem_ctx,
         }
     }
 
-    for (i=0; nctx->etc_shells[i]; i++) {
-        if (strcmp(user_shell, nctx->etc_shells[i]) == 0) {
-            DEBUG(9, ("Shell %s found in /etc/shells\n",
-                      nctx->etc_shells[i]));
-            break;
+    if (nctx->etc_shells) {
+        for (i=0; nctx->etc_shells[i]; i++) {
+            if (strcmp(user_shell, nctx->etc_shells[i]) == 0) {
+                DEBUG(9, ("Shell %s found in /etc/shells\n",
+                        nctx->etc_shells[i]));
+                break;
+            }
         }
-    }
 
-    if (nctx->etc_shells[i]) {
-        DEBUG(9, ("Using original shell '%s'\n", user_shell));
-        return talloc_strdup(mem_ctx, user_shell);
+        if (nctx->etc_shells[i]) {
+            DEBUG(9, ("Using original shell '%s'\n", user_shell));
+            return talloc_strdup(mem_ctx, user_shell);
+        }
     }
 
-    for (i=0; nctx->allowed_shells[i]; i++) {
-        if (strcmp(nctx->allowed_shells[i], user_shell) == 0) {
-            DEBUG(5, ("The shell '%s' is allowed but does not exist. "
-                      "Using fallback\n", user_shell));
-            return talloc_strdup(mem_ctx, nctx->shell_fallback);
+    if (nctx->allowed_shells) {
+        for (i=0; nctx->allowed_shells[i]; i++) {
+            if (strcmp(nctx->allowed_shells[i], user_shell) == 0) {
+                DEBUG(5, ("The shell '%s' is allowed but does not exist. "
+                        "Using fallback\n", user_shell));
+                return talloc_strdup(mem_ctx, nctx->shell_fallback);
+            }
         }
     }
 
-- 
cgit