From owner-svn-src-head@freebsd.org  Mon Nov 28 21:00:20 2016
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id A3B60C59ABA;
 Mon, 28 Nov 2016 21:00:20 +0000 (UTC) (envelope-from des@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 6620818F0;
 Mon, 28 Nov 2016 21:00:20 +0000 (UTC) (envelope-from des@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id uASL0JPM066687;
 Mon, 28 Nov 2016 21:00:19 GMT (envelope-from des@FreeBSD.org)
Received: (from des@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id uASL0Jvb066685;
 Mon, 28 Nov 2016 21:00:19 GMT (envelope-from des@FreeBSD.org)
Message-Id: <201611282100.uASL0Jvb066685@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: des set sender to des@FreeBSD.org
 using -f
From: =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= <des@FreeBSD.org>
Date: Mon, 28 Nov 2016 21:00:19 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r309269 - head/lib/libutil
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Nov 2016 21:00:20 -0000

Author: des
Date: Mon Nov 28 21:00:19 2016
New Revision: 309269
URL: https://svnweb.freebsd.org/changeset/base/309269

Log:
  Use malloc()ed buffers instead of stack buffers in gr_copy() and pw_copy().
  This allows pw(8) to operate on passwd and group files with longer lines
  than could be accomodated by a stack buffer.  It doesn't take more than a
  few hundred users to exceed 8192 bytes in /etc/group.
  
  MFC after:	3 weeks
  Sponsored by:	The University of Oslo

Modified:
  head/lib/libutil/gr_util.c
  head/lib/libutil/pw_util.c

Modified: head/lib/libutil/gr_util.c
==============================================================================
--- head/lib/libutil/gr_util.c	Mon Nov 28 20:44:12 2016	(r309268)
+++ head/lib/libutil/gr_util.c	Mon Nov 28 21:00:19 2016	(r309269)
@@ -164,11 +164,12 @@ gr_tmp(int mfd)
 int
 gr_copy(int ffd, int tfd, const struct group *gr, struct group *old_gr)
 {
-	char buf[8192], *end, *line, *p, *q, *r, t;
+	char *buf, *end, *line, *p, *q, *r, *tmp;
 	struct group *fgr;
 	const struct group *sgr;
-	size_t len;
+	size_t len, size;
 	int eof, readlen;
+	char t;
 
 	if (old_gr == NULL && gr == NULL)
 		return(-1);
@@ -186,6 +187,10 @@ gr_copy(int ffd, int tfd, const struct g
 	if (sgr == NULL)
 		sgr = gr;
 
+	/* initialize the buffer */
+	if ((buf = malloc(size = 1024)) == NULL)
+		goto err;
+
 	eof = 0;
 	len = 0;
 	p = q = end = buf;
@@ -199,10 +204,16 @@ gr_copy(int ffd, int tfd, const struct g
 		if (q >= end) {
 			if (eof)
 				break;
-			if ((size_t)(q - p) >= sizeof(buf)) {
-				warnx("group line too long");
-				errno = EINVAL; /* hack */
-				goto err;
+			while ((size_t)(q - p) >= size) {
+				if ((tmp = realloc(buf, size * 2)) == NULL) {
+					warnx("group line too long");
+					goto err;
+				}
+				p = tmp + (p - buf);
+				q = tmp + (q - buf);
+				end = tmp + (end - buf);
+				buf = tmp;
+				size = size * 2;
 			}
 			if (p < end) {
 				q = memmove(buf, p, end -p);
@@ -210,7 +221,7 @@ gr_copy(int ffd, int tfd, const struct g
 			} else {
 				p = q = end = buf;
 			}
-			readlen = read(ffd, end, sizeof(buf) - (end -buf));
+			readlen = read(ffd, end, size - (end - buf));
 			if (readlen == -1)
 				goto err;
 			else
@@ -219,7 +230,7 @@ gr_copy(int ffd, int tfd, const struct g
 				break;
 			end += len;
 			len = end - buf;
-			if (len < (ssize_t)sizeof(buf)) {
+			if (len < size) {
 				eof = 1;
 				if (len > 0 && buf[len -1] != '\n')
 					++len, *end++ = '\n';
@@ -281,7 +292,7 @@ gr_copy(int ffd, int tfd, const struct g
 			if (write(tfd, q, end - q) != end - q)
 				goto err;
 			q = buf;
-			readlen = read(ffd, buf, sizeof(buf));
+			readlen = read(ffd, buf, size);
 			if (readlen == 0)
 				break;
 			else
@@ -303,12 +314,12 @@ gr_copy(int ffd, int tfd, const struct g
 	   write(tfd, "\n", 1) != 1)
 		goto err;
  done:
-	if (line != NULL)
-		free(line);
+	free(line);
+	free(buf);
 	return (0);
  err:
-	if (line != NULL)
-		free(line);
+	free(line);
+	free(buf);
 	return (-1);
 }
 

Modified: head/lib/libutil/pw_util.c
==============================================================================
--- head/lib/libutil/pw_util.c	Mon Nov 28 20:44:12 2016	(r309268)
+++ head/lib/libutil/pw_util.c	Mon Nov 28 21:00:19 2016	(r309269)
@@ -427,11 +427,12 @@ pw_make_v7(const struct passwd *pw)
 int
 pw_copy(int ffd, int tfd, const struct passwd *pw, struct passwd *old_pw)
 {
-	char buf[8192], *end, *line, *p, *q, *r, t;
+	char *buf, *end, *line, *p, *q, *r, *tmp;
 	struct passwd *fpw;
 	const struct passwd *spw;
-	size_t len;
+	size_t len, size;
 	int eof, readlen;
+	char t;
 
 	if (old_pw == NULL && pw == NULL)
 			return (-1);
@@ -449,6 +450,10 @@ pw_copy(int ffd, int tfd, const struct p
 	if (spw == NULL)
 		spw = pw;
 
+	/* initialize the buffer */
+	if ((buf = malloc(size = 1024)) == NULL)
+		goto err;
+
 	eof = 0;
 	len = 0;
 	p = q = end = buf;
@@ -462,10 +467,16 @@ pw_copy(int ffd, int tfd, const struct p
 		if (q >= end) {
 			if (eof)
 				break;
-			if ((size_t)(q - p) >= sizeof(buf)) {
-				warnx("passwd line too long");
-				errno = EINVAL; /* hack */
-				goto err;
+			while ((size_t)(q - p) >= size) {
+				if ((tmp = realloc(buf, size * 2)) == NULL) {
+					warnx("passwd line too long");
+					goto err;
+				}
+				p = tmp + (p - buf);
+				q = tmp + (q - buf);
+				end = tmp + (end - buf);
+				buf = tmp;
+				size = size * 2;
 			}
 			if (p < end) {
 				q = memmove(buf, p, end - p);
@@ -473,7 +484,7 @@ pw_copy(int ffd, int tfd, const struct p
 			} else {
 				p = q = end = buf;
 			}
-			readlen = read(ffd, end, sizeof(buf) - (end - buf));
+			readlen = read(ffd, end, size - (end - buf));
 			if (readlen == -1)
 				goto err;
 			else
@@ -482,7 +493,7 @@ pw_copy(int ffd, int tfd, const struct p
 				break;
 			end += len;
 			len = end - buf;
-			if (len < (ssize_t)sizeof(buf)) {
+			if (len < size) {
 				eof = 1;
 				if (len > 0 && buf[len - 1] != '\n')
 					++len, *end++ = '\n';
@@ -545,7 +556,7 @@ pw_copy(int ffd, int tfd, const struct p
 			if (write(tfd, q, end - q) != end - q)
 				goto err;
 			q = buf;
-			readlen = read(ffd, buf, sizeof(buf));
+			readlen = read(ffd, buf, size);
 			if (readlen == 0)
 				break;
 			else
@@ -567,12 +578,12 @@ pw_copy(int ffd, int tfd, const struct p
 	    write(tfd, "\n", 1) != 1)
 		goto err;
  done:
-	if (line != NULL)
-		free(line);
+	free(line);
+	free(buf);
 	return (0);
  err:
-	if (line != NULL)
-		free(line);
+	free(line);
+	free(buf);
 	return (-1);
 }