libbb: fix fallout from nth_string() robustification, closes 14726 function old new delta parse_common 187 228 +41 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

commit: 0cdd6f579256d7dcbf48548ee470b8bb54a7de64 [log] [tgz]
author: Denys Vlasenko <vda.linux@googlemail.com> Wed Apr 27 15:29:57 2022 +0200
committer: Denys Vlasenko <vda.linux@googlemail.com> Wed Apr 27 15:33:55 2022 +0200
tree: ba09a44658be4a6bd7220b5d3afec5720be5692e
parent: 7fbfb2050f24a457a909ea6bcec85c49a21db83a [diff]
diff --git a/libpwdgrp/pwd_grp.c b/libpwdgrp/pwd_grp.c
index b44ada4..10debbc 100644
--- a/libpwdgrp/pwd_grp.c
+++ b/libpwdgrp/pwd_grp.c

@@ -191,6 +191,9 @@
 	char *buf;
 
 	while ((buf = xmalloc_fgetline(fp)) != NULL) {
+		int n;
+		char *field;
+
 		/* Skip empty lines, comment lines */
 		if (buf[0] == '\0' || buf[0] == '#')
 			goto free_and_next;
@@ -204,7 +207,16 @@
 			/* no key specified: sequential read, return a record */
 			break;
 		}
-		if (strcmp(key, nth_string(buf, field_pos)) == 0) {
+		/* Can't use nth_string() here, it does not allow empty strings
+		 * ("\0\0" terminates the list), and a valid passwd entry
+		 * "user::UID:GID..." would be mishandled */
+		n = field_pos;
+		field = buf;
+		while (n) {
+			n--;
+			field += strlen(field) + 1;
+		}
+		if (strcmp(key, field) == 0) {
 			/* record found */
 			break;
 		}
commit	0cdd6f579256d7dcbf48548ee470b8bb54a7de64	[log] [tgz]
author	Denys Vlasenko <vda.linux@googlemail.com>	Wed Apr 27 15:29:57 2022 +0200
committer	Denys Vlasenko <vda.linux@googlemail.com>	Wed Apr 27 15:33:55 2022 +0200
tree	ba09a44658be4a6bd7220b5d3afec5720be5692e
parent	7fbfb2050f24a457a909ea6bcec85c49a21db83a [diff]