picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge pull request #4989 from poettering/nss-einval

Browse source 
nss user/group name validation fixes
This commit is contained in:
Martin Pitt 2016-12-29 10:42:22 +01:00 committed by GitHub
parent 4d1fe20a58 d6c575e303
commit 2a4e5c629e
3 changed files with 25 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
src/basic/user-util.c
View file

@ -46,6 +46,8 @@
bool uid_is_valid(uid_t uid) {
/* Also see POSIX IEEE Std 1003.1-2008, 2016 Edition, 3.436. */
/* Some libc APIs use UID_INVALID as special placeholder */
if (uid == (uid_t) UINT32_C(0xFFFFFFFF))
return false;
@ -519,7 +521,15 @@ bool valid_user_group_name(const char *u) {
const char *i;
long sz;
/* Checks if the specified name is a valid user/group name. */
/* Checks if the specified name is a valid user/group name. Also see POSIX IEEE Std 1003.1-2008, 2016 Edition,
* 3.437. We are a bit stricter here however. Specifically we deviate from POSIX rules:
*
* - We don't allow any dots (this would break chown syntax which permits dots as user/group name separator)
* - We require that names fit into the appropriate utmp field
* - We don't allow empty user names
*
* Note that other systems are even more restrictive, and don't permit underscores or uppercase characters.
*/
if (isempty(u))
return false;

12
src/nss-mymachines/nss-mymachines.c
View file

@ -512,10 +512,8 @@ enum nss_status _nss_mymachines_getpwuid_r(
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
if (!uid_is_valid(uid)) {
r = -EINVAL;
goto fail;
}
if (!uid_is_valid(uid))
goto not_found;
/* We consider all uids < 65536 host uids */
if (uid < HOST_UID_LIMIT)
@ -686,10 +684,8 @@ enum nss_status _nss_mymachines_getgrgid_r(
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
if (!gid_is_valid(gid)) {
r = -EINVAL;
goto fail;
}
if (!gid_is_valid(gid))
goto not_found;
/* We consider all gids < 65536 host gids */
if (gid < HOST_GID_LIMIT)

26
src/nss-systemd/nss-systemd.c
View file

@ -123,10 +123,10 @@ enum nss_status _nss_systemd_getpwnam_r(
assert(name);
assert(pwd);
if (!valid_user_group_name(name)) {
r = -EINVAL;
goto fail;
}
/* If the username is not valid, then we don't know it. Ideally libc would filter these for us anyway. We don't
* generate EINVAL here, because it isn't really out business to complain about invalid user names. */
if (!valid_user_group_name(name))
goto not_found;
/* Synthesize entries for the root and nobody users, in case they are missing in /etc/passwd */
if (streq(name, root_passwd.pw_name)) {
@ -227,10 +227,8 @@ enum nss_status _nss_systemd_getpwuid_r(
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
if (!uid_is_valid(uid)) {
r = -EINVAL;
goto fail;
}
if (!uid_is_valid(uid))
goto not_found;
/* Synthesize data for the root user and for nobody in case they are missing from /etc/passwd */
if (uid == root_passwd.pw_uid) {
@ -329,10 +327,8 @@ enum nss_status _nss_systemd_getgrnam_r(
assert(name);
assert(gr);
if (!valid_user_group_name(name)) {
r = -EINVAL;
goto fail;
}
if (!valid_user_group_name(name))
goto not_found;
/* Synthesize records for root and nobody, in case they are missing form /etc/group */
if (streq(name, root_group.gr_name)) {
@ -430,10 +426,8 @@ enum nss_status _nss_systemd_getgrgid_r(
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
if (!gid_is_valid(gid)) {
r = -EINVAL;
goto fail;
}
if (!gid_is_valid(gid))
goto not_found;
/* Synthesize records for root and nobody, in case they are missing from /etc/group */
if (gid == root_group.gr_gid) {