Date: Mon, 23 Sep 2002 16:46:32 +0400 (MSD) From: Maxim Konovalov <maxim@macomnet.ru> To: audit@freebsd.org Subject: pw_scan patch, bin/41721 Message-ID: <20020923164234.B32787-100000@news1.macomnet.ru>
index | next in thread | raw e-mail
Hello,
Anything wrong with the code below? I am going to commit it in two or
three days. Thanks.
Index: pw_scan.c
===================================================================
RCS file: /home/ncvs/src/lib/libc/gen/pw_scan.c,v
retrieving revision 1.21
diff -u -r1.21 pw_scan.c
--- pw_scan.c 9 Mar 2002 04:00:53 -0000 1.21
+++ pw_scan.c 23 Sep 2002 12:13:07 -0000
@@ -70,7 +70,7 @@
{
uid_t id;
int root;
- char *p, *sh;
+ char *ep, *p, *sh;
if (pw_big_ids_warning == -1)
pw_big_ids_warning = getenv("PW_SCAN_BIG_IDS") == NULL ? 1 : 0;
@@ -98,12 +98,17 @@
return (0);
}
}
- id = strtoul(p, (char **)NULL, 10);
+ id = strtoul(p, &ep, 10);
if (errno == ERANGE) {
if (flags & _PWSCAN_WARN)
warnx("%s > max uid value (%lu)", p, ULONG_MAX);
return (0);
}
+ if (*ep != '\0' || ep == p) {
+ if (flags & _PWSCAN_WARN)
+ warnx("%s uid is incorrect", p);
+ return (0);
+ }
if (root && id) {
if (flags & _PWSCAN_WARN)
warnx("root uid should be 0");
@@ -119,10 +124,15 @@
goto fmt;
if (p[0])
pw->pw_fields |= _PWF_GID;
- id = strtoul(p, (char **)NULL, 10);
+ id = strtoul(p, &ep, 10);
if (errno == ERANGE) {
if (flags & _PWSCAN_WARN)
warnx("%s > max gid value (%lu)", p, ULONG_MAX);
+ return (0);
+ }
+ if (*ep != '\0' || ep == p) {
+ if (flags & _PWSCAN_WARN)
+ warnx("%s gid is incorrect", p);
return (0);
}
if (flags & _PWSCAN_WARN && pw_big_ids_warning && id > USHRT_MAX) {
%%%
--
Maxim Konovalov, MAcomnet, Internet Dept., system engineer
phone: +7 (095) 796-9079, mailto:maxim@macomnet.ru
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message
home |
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020923164234.B32787-100000>