From: Rich Felker <dalias@aerifal.cx>
Date: Thu, 30 Jun 2011 12:11:06 +0000 (-0400)
Subject: fix buffer overrun in getgrent code when there are no group members
X-Git-Url: http://nsz.repo.hu/git/?a=commitdiff_plain;h=fb62ae74d0c87ff506e970bf18579cc96b16e046;p=musl

fix buffer overrun in getgrent code when there are no group members
---

diff --git a/src/passwd/getgrent_a.c b/src/passwd/getgrent_a.c
index ccb51d52..7c63c57b 100644
--- a/src/passwd/getgrent_a.c
+++ b/src/passwd/getgrent_a.c
@@ -37,10 +37,14 @@ struct group *__getgrent_a(FILE *f, struct group *gr, char **line, size_t *size,
 		*line = 0;
 		return 0;
 	}
-	mem[0][0] = mems;
-	for (s=mems, i=0; *s; s++)
-		if (*s==',') *s++ = 0, mem[0][++i] = s;
-	mem[0][++i] = 0;
+	if (*mems) {
+		mem[0][0] = mems;
+		for (s=mems, i=0; *s; s++)
+			if (*s==',') *s++ = 0, mem[0][++i] = s;
+		mem[0][++i] = 0;
+	} else {
+		mem[0][0] = 0;
+	}
 	gr->gr_mem = *mem;
 	return gr;
 }