diff options
-rw-r--r-- | src/firejail/restrict_users.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/firejail/restrict_users.c b/src/firejail/restrict_users.c index 741e908ed..e258f6204 100644 --- a/src/firejail/restrict_users.c +++ b/src/firejail/restrict_users.c | |||
@@ -210,9 +210,9 @@ static void sanitize_passwd(void) { | |||
210 | goto errout; | 210 | goto errout; |
211 | 211 | ||
212 | // process uid | 212 | // process uid |
213 | int uid; | 213 | int uid = -1; |
214 | int rv = sscanf(ptr, "%d:", &uid); | 214 | int rv = sscanf(ptr, "%d:", &uid); |
215 | if (rv == 0 || uid < 0) | 215 | if (rv != 1 || uid < 0) |
216 | goto errout; | 216 | goto errout; |
217 | assert(uid_min); | 217 | assert(uid_min); |
218 | if (uid < uid_min || uid == 65534) { // on Debian platforms user nobody is 65534 | 218 | if (uid < uid_min || uid == 65534) { // on Debian platforms user nobody is 65534 |
@@ -349,9 +349,9 @@ static void sanitize_group(void) { | |||
349 | goto errout; | 349 | goto errout; |
350 | 350 | ||
351 | // process uid | 351 | // process uid |
352 | int gid; | 352 | int gid = -1; |
353 | int rv = sscanf(ptr, "%d:", &gid); | 353 | int rv = sscanf(ptr, "%d:", &gid); |
354 | if (rv == 0 || gid < 0) | 354 | if (rv != 1 || gid < 0) |
355 | goto errout; | 355 | goto errout; |
356 | assert(gid_min); | 356 | assert(gid_min); |
357 | if (gid < gid_min || gid == 65534) { // on Debian platforms 65534 is group nogroup | 357 | if (gid < gid_min || gid == 65534) { // on Debian platforms 65534 is group nogroup |