1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-14 10:09:48 +00:00

Don't use `memset' to initialize a struct passwd. A module

may not fill in all fields, and in the case of string fields, this could
cause trouble for applications.  (The only likely example is `pw_class',
because this field is not used by all modules in all cases.)

Move initialization of struct passwd from module-specific code to the
dispatch code.

The problem of a NULL pw_class was
Noticed by:	Philip Paeps <philip@paeps.cx>
                    and the c^Htrusty ssh(1) command.
Déjà vu by:	getpwent.c revision 1.56

Sponsored by:	DARPA, Network Associates Laboratories
This commit is contained in:
Jacques Vidrine 2003-04-18 17:27:05 +00:00
parent 49281fbf68
commit 4c3c0fecae
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=113672

View File

@ -91,6 +91,8 @@ int __pw_match_entry(const char *, size_t, enum nss_lookup_type,
const char *, uid_t);
int __pw_parse_entry(char *, size_t, struct passwd *, int, int *errnop);
static int pwd_init(struct passwd *, char *, size_t);
union key {
const char *name;
uid_t uid;
@ -266,8 +268,10 @@ getpwent_r(struct passwd *pwd, char *buffer, size_t bufsize,
};
int rv, ret_errno;
ret_errno = 0;
*result = NULL;
ret_errno = pwd_init(pwd, buffer, bufsize);
if (ret_errno != 0)
return (ret_errno);
rv = _nsdispatch(result, dtab, NSDB_PASSWD, "getpwent_r", defaultsrc,
pwd, buffer, bufsize, &ret_errno);
if (rv == NS_SUCCESS)
@ -294,8 +298,10 @@ getpwnam_r(const char *name, struct passwd *pwd, char *buffer, size_t bufsize,
};
int rv, ret_errno;
ret_errno = 0;
*result = NULL;
ret_errno = pwd_init(pwd, buffer, bufsize);
if (ret_errno != 0)
return (ret_errno);
rv = _nsdispatch(result, dtab, NSDB_PASSWD, "getpwnam_r", defaultsrc,
name, pwd, buffer, bufsize, &ret_errno);
if (rv == NS_SUCCESS)
@ -322,8 +328,10 @@ getpwuid_r(uid_t uid, struct passwd *pwd, char *buffer, size_t bufsize,
};
int rv, ret_errno;
ret_errno = 0;
*result = NULL;
ret_errno = pwd_init(pwd, buffer, bufsize);
if (ret_errno != 0)
return (ret_errno);
rv = _nsdispatch(result, dtab, NSDB_PASSWD, "getpwuid_r", defaultsrc,
uid, pwd, buffer, bufsize, &ret_errno);
if (rv == NS_SUCCESS)
@ -333,6 +341,26 @@ getpwuid_r(uid_t uid, struct passwd *pwd, char *buffer, size_t bufsize,
}
static int
pwd_init(struct passwd *pwd, char *buffer, size_t bufsize)
{
if (bufsize < 1)
return (ERANGE);
buffer[0] = '\0';
memset(pwd, 0, sizeof(*pwd));
pwd->pw_uid = (uid_t)-1; /* Considered least likely to lead to */
pwd->pw_gid = (gid_t)-1; /* a security issue. */
pwd->pw_name = buffer;
pwd->pw_passwd = buffer;
pwd->pw_class = buffer;
pwd->pw_gecos = buffer;
pwd->pw_dir = buffer;
pwd->pw_shell = buffer;
return (0);
}
static struct passwd pwd;
static char *pwd_storage;
static size_t pwd_storage_size;
@ -667,7 +695,6 @@ pwdb_parse_entry_v3(char *buffer, size_t bufsize, struct passwd *pwd,
char *p, *eom;
int32_t pw_change, pw_expire;
memset(pwd, 0, sizeof(*pwd));
/* THIS CODE MUST MATCH THAT IN pwd_mkdb. */
p = buffer;
eom = &buffer[bufsize];
@ -739,7 +766,6 @@ pwdb_parse_entry_v4(char *buffer, size_t bufsize, struct passwd *pwd,
char *p, *eom;
uint32_t n;
memset(pwd, 0, sizeof(*pwd));
/* THIS CODE MUST MATCH THAT IN pwd_mkdb. */
p = buffer;
eom = &buffer[bufsize];
@ -1652,7 +1678,6 @@ __pw_parse_entry(char *buffer, size_t bufsize __unused, struct passwd *pwd,
int master, int *errnop __unused)
{
memset(pwd, 0, sizeof(*pwd));
if (__pw_scan(buffer, pwd, master ? _PWSCAN_MASTER : 0) == 0)
return (NS_NOTFOUND);
else