RFR: JDK-8259786: initialize last parameter of getpwuid_r
Matthias Baesken
mbaesken at openjdk.java.net
Fri Jan 15 11:29:16 UTC 2021
We have a couple of calls to getpwuid_r in the codebase, like
g= getpwuid_r(getuid(), &resbuf, pwd_buf, sizeof(pwd_buf), &pwd);
Usually we NULL-check pwd after the call because we do not fully trust the return code of the function (it is documented in the codebase why we do not fully trust the return code) . However we miss to initialize pwd at some places before the call, which might we a little problematic and should be improved (at other places we already initialize it).
This triggers also Sonar warnings like :
https://sonarcloud.io/project/issues?id=jdk&open=AXaE0dsA8L9hkQskGEbA&resolved=false&types=BUG
Aside from this issue , should we in other issue , unify the OS versions of static char* get_user_name(uid_t uid) in posix code (currently we have it for bsd, linux, aix but the functions look very similar ?
-------------
Commit messages:
- JDK-8259786
Changes: https://git.openjdk.java.net/jdk/pull/2098/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=2098&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8259786
Stats: 13 lines in 4 files changed: 0 ins; 4 del; 9 mod
Patch: https://git.openjdk.java.net/jdk/pull/2098.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/2098/head:pull/2098
PR: https://git.openjdk.java.net/jdk/pull/2098
More information about the security-dev
mailing list