| Index: fusl/src/passwd/getpw_a.c
|
| diff --git a/fusl/src/passwd/getpw_a.c b/fusl/src/passwd/getpw_a.c
|
| index cebdd021b21f89a7561e18d5e9661667352bb46f..37575665d31d048d3e6f3a8b0ff02140b56955c9 100644
|
| --- a/fusl/src/passwd/getpw_a.c
|
| +++ b/fusl/src/passwd/getpw_a.c
|
| @@ -5,138 +5,144 @@
|
| #include "pwf.h"
|
| #include "nscd.h"
|
|
|
| -static char *itoa(char *p, uint32_t x)
|
| -{
|
| - // number of digits in a uint32_t + NUL
|
| - p += 11;
|
| - *--p = 0;
|
| - do {
|
| - *--p = '0' + x % 10;
|
| - x /= 10;
|
| - } while (x);
|
| - return p;
|
| +static char* itoa(char* p, uint32_t x) {
|
| + // number of digits in a uint32_t + NUL
|
| + p += 11;
|
| + *--p = 0;
|
| + do {
|
| + *--p = '0' + x % 10;
|
| + x /= 10;
|
| + } while (x);
|
| + return p;
|
| }
|
|
|
| -int __getpw_a(const char *name, uid_t uid, struct passwd *pw, char **buf, size_t *size, struct passwd **res)
|
| -{
|
| - FILE *f;
|
| - int cs;
|
| - int rv = 0;
|
| -
|
| - *res = 0;
|
| -
|
| - pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cs);
|
| -
|
| - f = fopen("/etc/passwd", "rbe");
|
| - if (!f) {
|
| - rv = errno;
|
| - goto done;
|
| - }
|
| -
|
| - while (!(rv = __getpwent_a(f, pw, buf, size, res)) && *res) {
|
| - if ((name && !strcmp(name, (*res)->pw_name))
|
| - || (!name && (*res)->pw_uid == uid))
|
| - break;
|
| - }
|
| - fclose(f);
|
| -
|
| - if (!*res && (rv == 0 || rv == ENOENT || rv == ENOTDIR)) {
|
| - int32_t req = name ? GETPWBYNAME : GETPWBYUID;
|
| - const char *key;
|
| - int32_t passwdbuf[PW_LEN] = {0};
|
| - size_t len = 0;
|
| - char uidbuf[11] = {0};
|
| -
|
| - if (name) {
|
| - key = name;
|
| - } else {
|
| - /* uid outside of this range can't be queried with the
|
| - * nscd interface, but might happen if uid_t ever
|
| - * happens to be a larger type (this is not true as of
|
| - * now)
|
| - */
|
| - if(uid > UINT32_MAX) {
|
| - rv = 0;
|
| - goto done;
|
| - }
|
| - key = itoa(uidbuf, uid);
|
| - }
|
| -
|
| - f = __nscd_query(req, key, passwdbuf, sizeof passwdbuf, (int[]){0});
|
| - if (!f) { rv = errno; goto done; }
|
| -
|
| - if(!passwdbuf[PWFOUND]) { rv = 0; goto cleanup_f; }
|
| -
|
| - /* A zero length response from nscd is invalid. We ignore
|
| - * invalid responses and just report an error, rather than
|
| - * trying to do something with them.
|
| - */
|
| - if (!passwdbuf[PWNAMELEN] || !passwdbuf[PWPASSWDLEN]
|
| - || !passwdbuf[PWGECOSLEN] || !passwdbuf[PWDIRLEN]
|
| - || !passwdbuf[PWSHELLLEN]) {
|
| - rv = EIO;
|
| - goto cleanup_f;
|
| - }
|
| -
|
| - if ((passwdbuf[PWNAMELEN]|passwdbuf[PWPASSWDLEN]
|
| - |passwdbuf[PWGECOSLEN]|passwdbuf[PWDIRLEN]
|
| - |passwdbuf[PWSHELLLEN]) >= SIZE_MAX/8) {
|
| - rv = ENOMEM;
|
| - goto cleanup_f;
|
| - }
|
| -
|
| - len = passwdbuf[PWNAMELEN] + passwdbuf[PWPASSWDLEN]
|
| - + passwdbuf[PWGECOSLEN] + passwdbuf[PWDIRLEN]
|
| - + passwdbuf[PWSHELLLEN];
|
| -
|
| - if (len > *size || !*buf) {
|
| - char *tmp = realloc(*buf, len);
|
| - if (!tmp) {
|
| - rv = errno;
|
| - goto cleanup_f;
|
| - }
|
| - *buf = tmp;
|
| - *size = len;
|
| - }
|
| -
|
| - if (!fread(*buf, len, 1, f)) {
|
| - rv = ferror(f) ? errno : EIO;
|
| - goto cleanup_f;
|
| - }
|
| -
|
| - pw->pw_name = *buf;
|
| - pw->pw_passwd = pw->pw_name + passwdbuf[PWNAMELEN];
|
| - pw->pw_gecos = pw->pw_passwd + passwdbuf[PWPASSWDLEN];
|
| - pw->pw_dir = pw->pw_gecos + passwdbuf[PWGECOSLEN];
|
| - pw->pw_shell = pw->pw_dir + passwdbuf[PWDIRLEN];
|
| - pw->pw_uid = passwdbuf[PWUID];
|
| - pw->pw_gid = passwdbuf[PWGID];
|
| -
|
| - /* Don't assume that nscd made sure to null terminate strings.
|
| - * It's supposed to, but malicious nscd should be ignored
|
| - * rather than causing a crash.
|
| - */
|
| - if (pw->pw_passwd[-1] || pw->pw_gecos[-1] || pw->pw_dir[-1]
|
| - || pw->pw_shell[passwdbuf[PWSHELLLEN]-1]) {
|
| - rv = EIO;
|
| - goto cleanup_f;
|
| - }
|
| -
|
| - if ((name && strcmp(name, pw->pw_name))
|
| - || (!name && uid != pw->pw_uid)) {
|
| - rv = EIO;
|
| - goto cleanup_f;
|
| - }
|
| -
|
| -
|
| - *res = pw;
|
| -cleanup_f:
|
| - fclose(f);
|
| - goto done;
|
| - }
|
| +int __getpw_a(const char* name,
|
| + uid_t uid,
|
| + struct passwd* pw,
|
| + char** buf,
|
| + size_t* size,
|
| + struct passwd** res) {
|
| + FILE* f;
|
| + int cs;
|
| + int rv = 0;
|
| +
|
| + *res = 0;
|
| +
|
| + pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cs);
|
| +
|
| + f = fopen("/etc/passwd", "rbe");
|
| + if (!f) {
|
| + rv = errno;
|
| + goto done;
|
| + }
|
| +
|
| + while (!(rv = __getpwent_a(f, pw, buf, size, res)) && *res) {
|
| + if ((name && !strcmp(name, (*res)->pw_name)) ||
|
| + (!name && (*res)->pw_uid == uid))
|
| + break;
|
| + }
|
| + fclose(f);
|
| +
|
| + if (!*res && (rv == 0 || rv == ENOENT || rv == ENOTDIR)) {
|
| + int32_t req = name ? GETPWBYNAME : GETPWBYUID;
|
| + const char* key;
|
| + int32_t passwdbuf[PW_LEN] = {0};
|
| + size_t len = 0;
|
| + char uidbuf[11] = {0};
|
| +
|
| + if (name) {
|
| + key = name;
|
| + } else {
|
| + /* uid outside of this range can't be queried with the
|
| + * nscd interface, but might happen if uid_t ever
|
| + * happens to be a larger type (this is not true as of
|
| + * now)
|
| + */
|
| + if (uid > UINT32_MAX) {
|
| + rv = 0;
|
| + goto done;
|
| + }
|
| + key = itoa(uidbuf, uid);
|
| + }
|
| +
|
| + f = __nscd_query(req, key, passwdbuf, sizeof passwdbuf, (int[]){0});
|
| + if (!f) {
|
| + rv = errno;
|
| + goto done;
|
| + }
|
| +
|
| + if (!passwdbuf[PWFOUND]) {
|
| + rv = 0;
|
| + goto cleanup_f;
|
| + }
|
| +
|
| + /* A zero length response from nscd is invalid. We ignore
|
| + * invalid responses and just report an error, rather than
|
| + * trying to do something with them.
|
| + */
|
| + if (!passwdbuf[PWNAMELEN] || !passwdbuf[PWPASSWDLEN] ||
|
| + !passwdbuf[PWGECOSLEN] || !passwdbuf[PWDIRLEN] ||
|
| + !passwdbuf[PWSHELLLEN]) {
|
| + rv = EIO;
|
| + goto cleanup_f;
|
| + }
|
| +
|
| + if ((passwdbuf[PWNAMELEN] | passwdbuf[PWPASSWDLEN] | passwdbuf[PWGECOSLEN] |
|
| + passwdbuf[PWDIRLEN] | passwdbuf[PWSHELLLEN]) >= SIZE_MAX / 8) {
|
| + rv = ENOMEM;
|
| + goto cleanup_f;
|
| + }
|
| +
|
| + len = passwdbuf[PWNAMELEN] + passwdbuf[PWPASSWDLEN] +
|
| + passwdbuf[PWGECOSLEN] + passwdbuf[PWDIRLEN] + passwdbuf[PWSHELLLEN];
|
| +
|
| + if (len > *size || !*buf) {
|
| + char* tmp = realloc(*buf, len);
|
| + if (!tmp) {
|
| + rv = errno;
|
| + goto cleanup_f;
|
| + }
|
| + *buf = tmp;
|
| + *size = len;
|
| + }
|
| +
|
| + if (!fread(*buf, len, 1, f)) {
|
| + rv = ferror(f) ? errno : EIO;
|
| + goto cleanup_f;
|
| + }
|
| +
|
| + pw->pw_name = *buf;
|
| + pw->pw_passwd = pw->pw_name + passwdbuf[PWNAMELEN];
|
| + pw->pw_gecos = pw->pw_passwd + passwdbuf[PWPASSWDLEN];
|
| + pw->pw_dir = pw->pw_gecos + passwdbuf[PWGECOSLEN];
|
| + pw->pw_shell = pw->pw_dir + passwdbuf[PWDIRLEN];
|
| + pw->pw_uid = passwdbuf[PWUID];
|
| + pw->pw_gid = passwdbuf[PWGID];
|
| +
|
| + /* Don't assume that nscd made sure to null terminate strings.
|
| + * It's supposed to, but malicious nscd should be ignored
|
| + * rather than causing a crash.
|
| + */
|
| + if (pw->pw_passwd[-1] || pw->pw_gecos[-1] || pw->pw_dir[-1] ||
|
| + pw->pw_shell[passwdbuf[PWSHELLLEN] - 1]) {
|
| + rv = EIO;
|
| + goto cleanup_f;
|
| + }
|
| +
|
| + if ((name && strcmp(name, pw->pw_name)) || (!name && uid != pw->pw_uid)) {
|
| + rv = EIO;
|
| + goto cleanup_f;
|
| + }
|
| +
|
| + *res = pw;
|
| + cleanup_f:
|
| + fclose(f);
|
| + goto done;
|
| + }
|
|
|
| done:
|
| - pthread_setcancelstate(cs, 0);
|
| - if (rv) errno = rv;
|
| - return rv;
|
| + pthread_setcancelstate(cs, 0);
|
| + if (rv)
|
| + errno = rv;
|
| + return rv;
|
| }
|
|
|
Chromium Code Reviews
Issue 1714623002:
[fusl] clang-format fusl (Closed)
Base URL: git@github.com:domokit/mojo.git@master