From 13f4a37b536b60d559c766b3ec4f2d5d25279ea3 Mon Sep 17 00:00:00 2001 From: Baptiste Daroussin Date: Fri, 5 Jun 2026 00:12:24 +0200 Subject: [PATCH] pw: fix uninitialized name pointer in pw_group_del The 'name' variable could be left uninitialized if neither the positional argument nor -n is supplied, leading to undefined behavior when passed to getgroup(). --- usr.sbin/pw/pw_group.c | 2 +- usr.sbin/pw/tests/pw_groupdel_test.sh | 18 ++++++++++++++++-- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/usr.sbin/pw/pw_group.c b/usr.sbin/pw/pw_group.c index 1941c03aa2c..2840e972af5 100644 --- a/usr.sbin/pw/pw_group.c +++ b/usr.sbin/pw/pw_group.c @@ -367,7 +367,7 @@ pw_group_del(int argc, char **argv, char *arg1) { struct userconf *cnf = NULL; struct group *grp = NULL; - char *name; + char *name = NULL; const char *cfg = NULL; intmax_t id = -1; int ch, rc; diff --git a/usr.sbin/pw/tests/pw_groupdel_test.sh b/usr.sbin/pw/tests/pw_groupdel_test.sh index fa51b381420..0fb5651944f 100755 --- a/usr.sbin/pw/tests/pw_groupdel_test.sh +++ b/usr.sbin/pw/tests/pw_groupdel_test.sh @@ -18,6 +18,20 @@ group_do_not_delete_wheel_if_group_unknown_body() { } -atf_init_test_cases() { - atf_add_test_case group_do_not_delete_wheel_if_group_unknown +atf_test_case group_delete_by_gid cleanup +group_delete_by_gid_head() { + atf_set "descr" "Test deleting a group by gid without providing a name" +} +group_delete_by_gid_body() { + populate_etc_skel + ${PW} groupadd testgroup -g 1000 || atf_fail "Creating test group" + atf_check -s exit:0 -o inline:"testgroup:*:1000:\n" \ + -x ${PW} groupshow 1000 + ${PW} groupdel -g 1000 || atf_fail "Deleting group by gid" +} + + +atf_init_test_cases() { + atf_add_test_case group_do_not_delete_wheel_if_group_unknown + atf_add_test_case group_delete_by_gid }