| OLD | NEW |
|---|
| (Empty) | |
| 1 #include <pthread.h> |
| 2 #include <byteswap.h> |
| 3 #include <string.h> |
| 4 #include <unistd.h> |
| 5 #include "pwf.h" |
| 6 #include "nscd.h" |
| 7 |
| 8 static char *itoa(char *p, uint32_t x) |
| 9 { |
| 10 // number of digits in a uint32_t + NUL |
| 11 p += 11; |
| 12 *--p = 0; |
| 13 do { |
| 14 *--p = '0' + x % 10; |
| 15 x /= 10; |
| 16 } while (x); |
| 17 return p; |
| 18 } |
| 19 |
| 20 int __getpw_a(const char *name, uid_t uid, struct passwd *pw, char **buf, size_t
*size, struct passwd **res) |
| 21 { |
| 22 FILE *f; |
| 23 int cs; |
| 24 int rv = 0; |
| 25 |
| 26 *res = 0; |
| 27 |
| 28 pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cs); |
| 29 |
| 30 f = fopen("/etc/passwd", "rbe"); |
| 31 if (!f) { |
| 32 rv = errno; |
| 33 goto done; |
| 34 } |
| 35 |
| 36 while (!(rv = __getpwent_a(f, pw, buf, size, res)) && *res) { |
| 37 if (name && !strcmp(name, (*res)->pw_name) |
| 38 || !name && (*res)->pw_uid == uid) |
| 39 break; |
| 40 } |
| 41 fclose(f); |
| 42 |
| 43 if (!*res && (rv == 0 || rv == ENOENT || rv == ENOTDIR)) { |
| 44 int32_t req = name ? GETPWBYNAME : GETPWBYUID; |
| 45 const char *key; |
| 46 int32_t passwdbuf[PW_LEN] = {0}; |
| 47 size_t len = 0; |
| 48 char uidbuf[11] = {0}; |
| 49 |
| 50 if (name) { |
| 51 key = name; |
| 52 } else { |
| 53 /* uid outside of this range can't be queried with the |
| 54 * nscd interface, but might happen if uid_t ever |
| 55 * happens to be a larger type (this is not true as of |
| 56 * now) |
| 57 */ |
| 58 if(uid < 0 || uid > UINT32_MAX) { |
| 59 rv = 0; |
| 60 goto done; |
| 61 } |
| 62 key = itoa(uidbuf, uid); |
| 63 } |
| 64 |
| 65 f = __nscd_query(req, key, passwdbuf, sizeof passwdbuf, (int[]){
0}); |
| 66 if (!f) { rv = errno; goto done; } |
| 67 |
| 68 if(!passwdbuf[PWFOUND]) { rv = 0; goto cleanup_f; } |
| 69 |
| 70 /* A zero length response from nscd is invalid. We ignore |
| 71 * invalid responses and just report an error, rather than |
| 72 * trying to do something with them. |
| 73 */ |
| 74 if (!passwdbuf[PWNAMELEN] || !passwdbuf[PWPASSWDLEN] |
| 75 || !passwdbuf[PWGECOSLEN] || !passwdbuf[PWDIRLEN] |
| 76 || !passwdbuf[PWSHELLLEN]) { |
| 77 rv = EIO; |
| 78 goto cleanup_f; |
| 79 } |
| 80 |
| 81 if ((passwdbuf[PWNAMELEN]|passwdbuf[PWPASSWDLEN] |
| 82 |passwdbuf[PWGECOSLEN]|passwdbuf[PWDIRLEN] |
| 83 |passwdbuf[PWSHELLLEN]) >= SIZE_MAX/8) { |
| 84 rv = ENOMEM; |
| 85 goto cleanup_f; |
| 86 } |
| 87 |
| 88 len = passwdbuf[PWNAMELEN] + passwdbuf[PWPASSWDLEN] |
| 89 + passwdbuf[PWGECOSLEN] + passwdbuf[PWDIRLEN] |
| 90 + passwdbuf[PWSHELLLEN]; |
| 91 |
| 92 if (len > *size || !*buf) { |
| 93 char *tmp = realloc(*buf, len); |
| 94 if (!tmp) { |
| 95 rv = errno; |
| 96 goto cleanup_f; |
| 97 } |
| 98 *buf = tmp; |
| 99 *size = len; |
| 100 } |
| 101 |
| 102 if (!fread(*buf, len, 1, f)) { |
| 103 rv = ferror(f) ? errno : EIO; |
| 104 goto cleanup_f; |
| 105 } |
| 106 |
| 107 pw->pw_name = *buf; |
| 108 pw->pw_passwd = pw->pw_name + passwdbuf[PWNAMELEN]; |
| 109 pw->pw_gecos = pw->pw_passwd + passwdbuf[PWPASSWDLEN]; |
| 110 pw->pw_dir = pw->pw_gecos + passwdbuf[PWGECOSLEN]; |
| 111 pw->pw_shell = pw->pw_dir + passwdbuf[PWDIRLEN]; |
| 112 pw->pw_uid = passwdbuf[PWUID]; |
| 113 pw->pw_gid = passwdbuf[PWGID]; |
| 114 |
| 115 /* Don't assume that nscd made sure to null terminate strings. |
| 116 * It's supposed to, but malicious nscd should be ignored |
| 117 * rather than causing a crash. |
| 118 */ |
| 119 if (pw->pw_passwd[-1] || pw->pw_gecos[-1] || pw->pw_dir[-1] |
| 120 || pw->pw_shell[passwdbuf[PWSHELLLEN]-1]) { |
| 121 rv = EIO; |
| 122 goto cleanup_f; |
| 123 } |
| 124 |
| 125 if (name && strcmp(name, pw->pw_name) |
| 126 || !name && uid != pw->pw_uid) { |
| 127 rv = EIO; |
| 128 goto cleanup_f; |
| 129 } |
| 130 |
| 131 |
| 132 *res = pw; |
| 133 cleanup_f: |
| 134 fclose(f); |
| 135 goto done; |
| 136 } |
| 137 |
| 138 done: |
| 139 pthread_setcancelstate(cs, 0); |
| 140 if (rv) errno = rv; |
| 141 return rv; |
| 142 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1573973002:
Add a "fork" of musl as //fusl. (Closed)
Base URL: https://github.com/domokit/mojo.git@master