From owner-freebsd-audit@FreeBSD.ORG Tue May 27 01:45:41 2003 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 488FF37B401 for ; Tue, 27 May 2003 01:45:41 -0700 (PDT) Received: from gandalf.online.bg (gandalf.online.bg [217.75.128.9]) by mx1.FreeBSD.org (Postfix) with SMTP id 21BE943FA3 for ; Tue, 27 May 2003 01:45:37 -0700 (PDT) (envelope-from roam@ringlet.net) Received: (qmail 18694 invoked from network); 27 May 2003 08:39:07 -0000 Received: from office.sbnd.net (HELO straylight.ringlet.net) (217.75.140.130) by gandalf.online.bg with SMTP; 27 May 2003 08:39:07 -0000 Received: (qmail 16767 invoked by uid 1000); 27 May 2003 08:42:42 -0000 Date: Tue, 27 May 2003 11:42:42 +0300 From: Peter Pentchev To: audit@FreeBSD.org Message-ID: <20030527084242.GB513@straylight.oblivion.bg> Mail-Followup-To: audit@FreeBSD.org References: <200304220700.h3M70CM3058589@freefall.freebsd.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="5/uDoXvLw7AC5HRs" Content-Disposition: inline In-Reply-To: <200304220700.h3M70CM3058589@freefall.freebsd.org> User-Agent: Mutt/1.5.4i Subject: Re: conf/51256: chkgrp should make sure the file is newline terminated X-BeenThere: freebsd-audit@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Security Audit List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 May 2003 08:45:41 -0000 --5/uDoXvLw7AC5HRs Content-Type: text/plain; charset=windows-1251 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Apr 22, 2003 at 12:00:12AM -0700, I wrote: > On Mon, Apr 21, 2003 at 02:48:47PM -0600, Brian D Gallaway wrote: > >=20 > > >Number: 51256 > > >Category: conf > > >Synopsis: chkgrp should make sure the file is newline terminated > > >Originator: Brian D Gallaway > > >Release: FreeBSD 5.0-RELEASE i386 > > >Description: > > The chkgrp command does not detect when there is not a newline at the= end of the file. If the /etc/group file is not newline terminated, the /e= tc/group file's last entry will not be used. This is an error that could e= asily be checked for in chkgrp. =20 > > >How-To-Repeat: > > see above > > >Fix: > > have chkgrp warn the user if no newline is found at the end of= /etc/group=09 > =20 > The attached trivial patch should do the trick. Could somebody take a look at this PR and the patch (quoted below), and see if there's anything wrong with it or it may be committed? > Index: src/usr.sbin/chkgrp/chkgrp.c > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > RCS file: /home/ncvs/src/usr.sbin/chkgrp/chkgrp.c,v > retrieving revision 1.6 > diff -u -r1.6 chkgrp.c > --- src/usr.sbin/chkgrp/chkgrp.c 3 Jul 2001 21:40:34 -0000 1.6 > +++ src/usr.sbin/chkgrp/chkgrp.c 22 Apr 2003 06:46:33 -0000 > @@ -76,6 +76,10 @@ > while (++n) { > if ((line =3D fgetln(gf, &len)) =3D=3D NULL) > break; > + if (len > 0 && line[len - 1] !=3D '\n' && line[len - 1] !=3D '\r') { > + warnx("%s: line %d: no newline character", gfn, n); > + e++; > + } > while (len && isspace(line[len-1])) > len--; G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@sbnd.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 "yields falsehood, when appended to its quotation." yields falsehood, when = appended to its quotation. --5/uDoXvLw7AC5HRs Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE+0yUC7Ri2jRYZRVMRAhEoAKCIYWEfDVMmc/W0X9vqr4bM1d3urgCgk7OT J0SnrM/LrqjwUk+rpKQh2O0= =zsD7 -----END PGP SIGNATURE----- --5/uDoXvLw7AC5HRs-- From owner-freebsd-audit@FreeBSD.ORG Tue May 27 06:55:48 2003 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BD61237B401 for ; Tue, 27 May 2003 06:55:48 -0700 (PDT) Received: from smtp02.syd.iprimus.net.au (smtp02.syd.iprimus.net.au [210.50.76.52]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3587D43F85 for ; Tue, 27 May 2003 06:55:48 -0700 (PDT) (envelope-from tim@robbins.dropbear.id.au) Received: from dilbert.robbins.dropbear.id.au (210.50.249.110) by smtp02.syd.iprimus.net.au (7.0.015) id 3ECBEA34000EE898 for audit@FreeBSD.org; Tue, 27 May 2003 23:55:44 +1000 Received: by dilbert.robbins.dropbear.id.au (Postfix, from userid 1000) id A9EBDC90F; Tue, 27 May 2003 23:55:25 +1000 (EST) Date: Tue, 27 May 2003 23:55:25 +1000 From: Tim Robbins To: audit@FreeBSD.org Message-ID: <20030527235525.A47880@dilbert.robbins.dropbear.id.au> References: <200304220700.h3M70CM3058589@freefall.freebsd.org> <20030527084242.GB513@straylight.oblivion.bg> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20030527084242.GB513@straylight.oblivion.bg>; from roam@ringlet.net on Tue, May 27, 2003 at 11:42:42AM +0300 Subject: Re: conf/51256: chkgrp should make sure the file is newline terminated X-BeenThere: freebsd-audit@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Security Audit List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 May 2003 13:55:49 -0000 On Tue, May 27, 2003 at 11:42:42AM +0300, Peter Pentchev wrote: > Could somebody take a look at this PR and the patch (quoted below), and > see if there's anything wrong with it or it may be committed? [...] > > if ((line = fgetln(gf, &len)) == NULL) > > break; > > + if (len > 0 && line[len - 1] != '\n' && line[len - 1] != '\r') { > > + warnx("%s: line %d: no newline character", gfn, n); > > + e++; > > + } [...] I think that it's unnecessary (and incorrect) to check for a '\r' character at the end of the line. Tim From owner-freebsd-audit@FreeBSD.ORG Tue May 27 07:24:26 2003 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DA6E137B404 for ; Tue, 27 May 2003 07:24:26 -0700 (PDT) Received: from gandalf.online.bg (gandalf.online.bg [217.75.128.9]) by mx1.FreeBSD.org (Postfix) with SMTP id 60A0543FB1 for ; Tue, 27 May 2003 07:24:22 -0700 (PDT) (envelope-from roam@ringlet.net) Received: (qmail 18854 invoked from network); 27 May 2003 14:17:48 -0000 Received: from office.sbnd.net (HELO straylight.ringlet.net) (217.75.140.130) by gandalf.online.bg with SMTP; 27 May 2003 14:17:47 -0000 Received: (qmail 63449 invoked by uid 1000); 27 May 2003 14:21:22 -0000 Date: Tue, 27 May 2003 17:21:22 +0300 From: Peter Pentchev To: Tim Robbins Message-ID: <20030527142122.GG513@straylight.oblivion.bg> Mail-Followup-To: Tim Robbins , audit@FreeBSD.org References: <200304220700.h3M70CM3058589@freefall.freebsd.org> <20030527084242.GB513@straylight.oblivion.bg> <20030527235525.A47880@dilbert.robbins.dropbear.id.au> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="DNUSDXU7R7AVVM8C" Content-Disposition: inline In-Reply-To: <20030527235525.A47880@dilbert.robbins.dropbear.id.au> User-Agent: Mutt/1.5.4i cc: audit@FreeBSD.org Subject: Re: conf/51256: chkgrp should make sure the file is newline terminated X-BeenThere: freebsd-audit@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Security Audit List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 May 2003 14:24:27 -0000 --DNUSDXU7R7AVVM8C Content-Type: text/plain; charset=windows-1251 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, May 27, 2003 at 11:55:25PM +1000, Tim Robbins wrote: > On Tue, May 27, 2003 at 11:42:42AM +0300, Peter Pentchev wrote: >=20 > > Could somebody take a look at this PR and the patch (quoted below), and > > see if there's anything wrong with it or it may be committed? > [...] > > > if ((line =3D fgetln(gf, &len)) =3D=3D NULL) > > > break; > > > + if (len > 0 && line[len - 1] !=3D '\n' && line[len - 1] !=3D '\r')= { > > > + warnx("%s: line %d: no newline character", gfn, n); > > > + e++; > > > + } > [...] >=20 > I think that it's unnecessary (and incorrect) to check for a '\r' charact= er > at the end of the line. Okay, this might have been a bad habit of processing files that came =66rom Over There ;) So.. how about the patch with only the '\n' check, then? G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@sbnd.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 I am not the subject of this sentence. --DNUSDXU7R7AVVM8C Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE+03Ri7Ri2jRYZRVMRAoiLAJkB+7BUw6Z7CwnGMe8sG9vkDWO09gCffvG9 f1U8iEE1tlmjI9Lz8gSSz9o= =zNIt -----END PGP SIGNATURE----- --DNUSDXU7R7AVVM8C--