=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/su/su.c,v retrieving revision 1.73 retrieving revision 1.73.2.2 diff -c -r1.73 -r1.73.2.2 *** src/usr.bin/su/su.c 2019/01/28 01:38:06 1.73 --- src/usr.bin/su/su.c 2019/12/09 04:51:48 1.73.2.2 *************** *** 1,4 **** ! /* $OpenBSD: su.c,v 1.73 2019/01/28 01:38:06 deraadt Exp $ */ /* * Copyright (c) 1988 The Regents of the University of California. --- 1,4 ---- ! /* $OpenBSD: su.c,v 1.73.2.2 2019/12/09 04:51:48 tb Exp $ */ /* * Copyright (c) 1988 The Regents of the University of California. *************** *** 149,159 **** if (pwd == NULL) auth_errx(as, 1, "who are you?"); if ((username = strdup(pwd->pw_name)) == NULL) ! auth_errx(as, 1, "can't allocate memory"); if (asme && !altshell) { if (pwd->pw_shell && *pwd->pw_shell) { if ((shell = strdup(pwd->pw_shell)) == NULL) ! auth_errx(as, 1, "can't allocate memory"); } else { shell = _PATH_BSHELL; iscsh = NO; --- 149,159 ---- if (pwd == NULL) auth_errx(as, 1, "who are you?"); if ((username = strdup(pwd->pw_name)) == NULL) ! auth_err(as, 1, NULL); if (asme && !altshell) { if (pwd->pw_shell && *pwd->pw_shell) { if ((shell = strdup(pwd->pw_shell)) == NULL) ! auth_err(as, 1, NULL); } else { shell = _PATH_BSHELL; iscsh = NO; *************** *** 170,175 **** --- 170,177 ---- err(1, "unveil"); for (;;) { + char *pw_class = class; + /* get target user, default to root unless in -L mode */ if (*argv) { user = *argv; *************** *** 194,200 **** auth_clean(as); if (auth_setitem(as, AUTHV_INTERACTIVE, "True") != 0 || auth_setitem(as, AUTHV_NAME, user) != 0) ! auth_errx(as, 1, "can't allocate memory"); if ((user = auth_getitem(as, AUTHV_NAME)) == NULL) auth_errx(as, 1, "internal error"); if (auth_setpwd(as, NULL) || (pwd = auth_getpwd(as)) == NULL) { --- 196,202 ---- auth_clean(as); if (auth_setitem(as, AUTHV_INTERACTIVE, "True") != 0 || auth_setitem(as, AUTHV_NAME, user) != 0) ! auth_err(as, 1, NULL); if ((user = auth_getitem(as, AUTHV_NAME)) == NULL) auth_errx(as, 1, "internal error"); if (auth_setpwd(as, NULL) || (pwd = auth_getpwd(as)) == NULL) { *************** *** 205,215 **** } /* If the user specified a login class, use it */ ! if (!class && pwd && pwd->pw_class && pwd->pw_class[0] != '\0') ! class = strdup(pwd->pw_class); ! if ((lc = login_getclass(class)) == NULL) auth_errx(as, 1, "no such login class: %s", ! class ? class : LOGIN_DEFCLASS); if ((ruid == 0 && !emlogin) || verify_user(username, pwd, style, lc, as) == 0) --- 207,217 ---- } /* If the user specified a login class, use it */ ! if (pw_class == NULL && pwd != NULL) ! pw_class = pwd->pw_class; ! if ((lc = login_getclass(pw_class)) == NULL) auth_errx(as, 1, "no such login class: %s", ! pw_class ? pw_class : LOGIN_DEFCLASS); if ((ruid == 0 && !emlogin) || verify_user(username, pwd, style, lc, as) == 0) *************** *** 223,228 **** --- 225,232 ---- } fprintf(stderr, "Login incorrect\n"); } + if (pwd == NULL) + auth_errx(as, 1, "internal error"); if (pledge("stdio unveil rpath getpw exec id", NULL) == -1) err(1, "pledge"); *************** *** 234,240 **** auth_errx(as, 1, "permission denied (shell)."); } else if (pwd->pw_shell && *pwd->pw_shell) { if ((shell = strdup(pwd->pw_shell)) == NULL) ! auth_errx(as, 1, "can't allocate memory"); iscsh = UNSET; } else { shell = _PATH_BSHELL; --- 238,244 ---- auth_errx(as, 1, "permission denied (shell)."); } else if (pwd->pw_shell && *pwd->pw_shell) { if ((shell = strdup(pwd->pw_shell)) == NULL) ! auth_err(as, 1, NULL); iscsh = UNSET; } else { shell = _PATH_BSHELL;