From 42c74a30927e0f5a7c28809ed3df548911bf17a1 Mon Sep 17 00:00:00 2001
From: Baptiste Daroussin <bapt@FreeBSD.org>
Date: Wed, 2 Dec 2015 22:01:37 +0000
Subject: Fix handling of numeric-only names with pw lock Add a regression test
 about it

PR:		204968
MFC after:	1 week
---
 pw/pw_user.c | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

(limited to 'pw/pw_user.c')

diff --git a/pw/pw_user.c b/pw/pw_user.c
index 5c168ab..61c2440 100644
--- a/pw/pw_user.c
+++ b/pw/pw_user.c
@@ -274,7 +274,7 @@ pw_userlock(char *arg1, int mode)
 	char *passtmp = NULL;
 	char *name;
 	bool locked = false;
-	uid_t id;
+	uid_t id = (uid_t)-1;
 
 	if (geteuid() != 0)
 		errx(EX_NOPERM, "you must be root");
@@ -282,16 +282,19 @@ pw_userlock(char *arg1, int mode)
 	if (arg1 == NULL)
 		errx(EX_DATAERR, "username or id required");
 
-	if (arg1[strspn(arg1, "0123456789")] == '\0') {
-		id = pw_checkid(arg1, UID_MAX);
-		name = NULL;
-	} else
-		name = arg1;
+	name = arg1;
+	if (arg1[strspn(name, "0123456789")] == '\0')
+		id = pw_checkid(name, UID_MAX);
 
-	pwd = (name != NULL) ? GETPWNAM(pw_checkname(name, 0)) : GETPWUID(id);
+	pwd = GETPWNAM(pw_checkname(name, 0));
+	if (pwd == NULL && id != (uid_t)-1) {
+		pwd = GETPWUID(id);
+		if (pwd != NULL)
+			name = pwd->pw_name;
+	}
 	if (pwd == NULL) {
-		if (name == NULL)
-			errx(EX_NOUSER, "no such uid `%ju'", (uintmax_t) id);
+		if (id == (uid_t)-1)
+			errx(EX_NOUSER, "no such name or uid `%ju'", (uintmax_t) id);
 		errx(EX_NOUSER, "no such user `%s'", name);
 	}
 
-- 
cgit v1.2.3-56-ge451