X-Git-Url: http://nsz.repo.hu/git/?a=blobdiff_plain;f=src%2Fpasswd%2Fgetspnam_r.c;h=15f8c87b7dfbaba74c984b08b729fd68f2170c26;hb=3b26a32df42092af6d0cdac655e52635b91d36b2;hp=1dd39ce01d973e5f8268cf6775fab909ce12fb49;hpb=0b44a0315b47dd8eced9f3b7f31580cf14bbfc01;p=musl diff --git a/src/passwd/getspnam_r.c b/src/passwd/getspnam_r.c index 1dd39ce0..15f8c87b 100644 --- a/src/passwd/getspnam_r.c +++ b/src/passwd/getspnam_r.c @@ -1,5 +1,8 @@ #include #include +#include +#include +#include #include "pwf.h" /* This implementation support Openwall-style TCB passwords in place of @@ -9,6 +12,52 @@ * file. It also avoids any allocation to prevent memory-exhaustion * attacks via huge TCB shadow files. */ +static long xatol(char **s) +{ + long x; + if (**s == ':' || **s == '\n') return -1; + for (x=0; **s-'0'<10U; ++*s) x=10*x+(**s-'0'); + return x; +} + +int __parsespent(char *s, struct spwd *sp) +{ + sp->sp_namp = s; + if (!(s = strchr(s, ':'))) return -1; + *s = 0; + + sp->sp_pwdp = ++s; + if (!(s = strchr(s, ':'))) return -1; + *s = 0; + + s++; sp->sp_lstchg = xatol(&s); + if (*s != ':') return -1; + + s++; sp->sp_min = xatol(&s); + if (*s != ':') return -1; + + s++; sp->sp_max = xatol(&s); + if (*s != ':') return -1; + + s++; sp->sp_warn = xatol(&s); + if (*s != ':') return -1; + + s++; sp->sp_inact = xatol(&s); + if (*s != ':') return -1; + + s++; sp->sp_expire = xatol(&s); + if (*s != ':') return -1; + + s++; sp->sp_flag = xatol(&s); + if (*s != '\n') return -1; + return 0; +} + +static void cleanup(void *p) +{ + fclose(p); +} + int getspnam_r(const char *name, struct spwd *sp, char *buf, size_t size, struct spwd **res) { char path[20+NAME_MAX]; @@ -16,8 +65,8 @@ int getspnam_r(const char *name, struct spwd *sp, char *buf, size_t size, struct int rv = 0; int fd; size_t k, l = strlen(name); - char *s; int skip = 0; + int cs; *res = 0; @@ -32,18 +81,22 @@ int getspnam_r(const char *name, struct spwd *sp, char *buf, size_t size, struct if (snprintf(path, sizeof path, "/etc/tcb/%s/shadow", name) >= sizeof path) return EINVAL; - fd = open(path, O_RDONLY|O_NOFOLLOW|O_NONBLOCK); + fd = open(path, O_RDONLY|O_NOFOLLOW|O_NONBLOCK|O_CLOEXEC); if (fd >= 0) { - f = fdopen(fd, "rb"); - if (!f) { + struct stat st = { 0 }; + errno = EINVAL; + if (fstat(fd, &st) || !S_ISREG(st.st_mode) || !(f = fdopen(fd, "rb"))) { + pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cs); close(fd); + pthread_setcancelstate(cs, 0); return errno; } } else { - f = fopen("/etc/shadow", "rb"); + f = fopen("/etc/shadow", "rbe"); if (!f) return errno; } + pthread_cleanup_push(cleanup, f); while (fgets(buf, size, f) && (k=strlen(buf))>0) { if (skip || strncmp(name, buf, l)) { skip = buf[k-1] != '\n'; @@ -53,37 +106,11 @@ int getspnam_r(const char *name, struct spwd *sp, char *buf, size_t size, struct rv = ERANGE; break; } - buf[k-1] = 0; - - s = buf; - sp->sp_namp = s; - if (!(s = strchr(s, ':'))) continue; - - *s++ = 0; sp->sp_pwdp = s; - if (!(s = strchr(s, ':'))) continue; - - *s++ = 0; sp->sp_lstchg = atol(s); - if (!(s = strchr(s, ':'))) continue; - - *s++ = 0; sp->sp_min = atol(s); - if (!(s = strchr(s, ':'))) continue; - - *s++ = 0; sp->sp_max = atol(s); - if (!(s = strchr(s, ':'))) continue; - - *s++ = 0; sp->sp_warn = atol(s); - if (!(s = strchr(s, ':'))) continue; - - *s++ = 0; sp->sp_inact = atol(s); - if (!(s = strchr(s, ':'))) continue; - - *s++ = 0; sp->sp_expire = atol(s); - if (!(s = strchr(s, ':'))) continue; - *s++ = 0; sp->sp_flag = atol(s); + if (__parsespent(buf, sp) < 0) continue; *res = sp; break; } - fclose(f); + pthread_cleanup_pop(1); return rv; }