BUG/MEDIUM: cfgparse: segfault when userlist is misused
If the 'userlist' keyword parsing returns an error and no userlist were
previously created. The parsing of 'user' and 'group' leads to NULL
derefence.
The userlist pointer is now tested to prevent this issue.
(cherry picked from commit 4ac9f546120d42be8147e3d90588e7b9738af0cc)
diff --git a/src/cfgparse.c b/src/cfgparse.c
index 3c3383d..392a78d 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -5668,6 +5668,9 @@
goto out;
}
+ if (!userlist)
+ goto out;
+
for (ag = userlist->groups; ag; ag = ag->next)
if (!strcmp(ag->name, args[1])) {
Warning("parsing [%s:%d]: ignoring duplicated group '%s' in userlist '%s'.\n",
@@ -5718,6 +5721,8 @@
err_code |= ERR_ALERT | ERR_FATAL;
goto out;
}
+ if (!userlist)
+ goto out;
for (newuser = userlist->users; newuser; newuser = newuser->next)
if (!strcmp(newuser->user, args[1])) {