1 files changed, 4 insertions, 4 deletions
diff --git a/src/firejail/restrict_users.c b/src/firejail/restrict_users.c
index 741e908ed..e258f6204 100644
--- a/src/firejail/restrict_users.c
+++ b/src/firejail/restrict_users.c
@@ -210,9 +210,9 @@ static void sanitize_passwd(void) {
                        goto errout;
                // process uid
-                int uid;
+                int uid = -1;
                int rv = sscanf(ptr, "%d:", &uid);
-                if (rv == 0 || uid < 0)
+                if (rv != 1 || uid < 0)
                        goto errout;
                assert(uid_min);
                if (uid < uid_min || uid == 65534) { // on Debian platforms user nobody is 65534
@@ -349,9 +349,9 @@ static void sanitize_group(void) {
                        goto errout;
                // process uid
-                int gid;
+                int gid = -1;
                int rv = sscanf(ptr, "%d:", &gid);
-                if (rv == 0 || gid < 0)
+                if (rv != 1 || gid < 0)
                        goto errout;
                assert(gid_min);
                if (gid < gid_min || gid == 65534) { // on Debian platforms 65534 is group nogroup

diff --git a/src/firejail/restrict_users.c b/src/firejail/restrict_users.c index 741e908ed..e258f6204 100644 --- a/src/firejail/restrict_users.c +++ b/src/firejail/restrict_users.c
@@ -210,9 +210,9 @@ static void sanitize_passwd(void) {
210	goto errout;	210	goto errout;
211		211
212	// process uid	212	// process uid
213	int uid;	213	int uid = -1;
214	int rv = sscanf(ptr, "%d:", &uid);	214	int rv = sscanf(ptr, "%d:", &uid);
215	if (rv == 0 \|\| uid < 0)	215	if (rv != 1 \|\| uid < 0)
216	goto errout;	216	goto errout;
217	assert(uid_min);	217	assert(uid_min);
218	if (uid < uid_min \|\| uid == 65534) { // on Debian platforms user nobody is 65534	218	if (uid < uid_min \|\| uid == 65534) { // on Debian platforms user nobody is 65534
@@ -349,9 +349,9 @@ static void sanitize_group(void) {
349	goto errout;	349	goto errout;
350		350
351	// process uid	351	// process uid
352	int gid;	352	int gid = -1;
353	int rv = sscanf(ptr, "%d:", &gid);	353	int rv = sscanf(ptr, "%d:", &gid);
354	if (rv == 0 \|\| gid < 0)	354	if (rv != 1 \|\| gid < 0)
355	goto errout;	355	goto errout;
356	assert(gid_min);	356	assert(gid_min);
357	if (gid < gid_min \|\| gid == 65534) { // on Debian platforms 65534 is group nogroup	357	if (gid < gid_min \|\| gid == 65534) { // on Debian platforms 65534 is group nogroup