fix buffer overrun in getgrent code when there are no group members

diff --git a/src/passwd/getgrent_a.c b/src/passwd/getgrent_a.c
index ccb51d5..7c63c57 100644 (file)
--- a/src/passwd/getgrent_a.c
+++ b/src/passwd/getgrent_a.c
@@ -37,10 +37,14 @@ struct group *__getgrent_a(FILE *f, struct group *gr, char **line, size_t *size,
                *line = 0;
                return 0;
        }
-       mem[0][0] = mems;
-       for (s=mems, i=0; *s; s++)
-               if (*s==',') *s++ = 0, mem[0][++i] = s;
-       mem[0][++i] = 0;
+       if (*mems) {
+               mem[0][0] = mems;
+               for (s=mems, i=0; *s; s++)
+                       if (*s==',') *s++ = 0, mem[0][++i] = s;
+               mem[0][++i] = 0;
+       } else {
+               mem[0][0] = 0;
+       }
        gr->gr_mem = *mem;
        return gr;
 }