Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 4 Jul 2015 15:54:12 +0000 (UTC)
From:      Baptiste Daroussin <bapt@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r285136 - head/usr.sbin/pw
Message-ID:  <201507041554.t64FsCxM076209@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: bapt
Date: Sat Jul  4 15:54:11 2015
New Revision: 285136
URL: https://svnweb.freebsd.org/changeset/base/285136

Log:
  Also validate inputs of pw groupmod -h and groupmod -H

Modified:
  head/usr.sbin/pw/pw_group.c

Modified: head/usr.sbin/pw/pw_group.c
==============================================================================
--- head/usr.sbin/pw/pw_group.c	Sat Jul  4 15:46:39 2015	(r285135)
+++ head/usr.sbin/pw/pw_group.c	Sat Jul  4 15:54:11 2015	(r285136)
@@ -47,6 +47,50 @@ static void	delete_members(char ***membe
 static int	print_group(struct group * grp);
 static gid_t    gr_gidpolicy(struct userconf * cnf, long id);
 
+static void
+set_passwd(struct group *grp, bool update)
+{
+	int		 b;
+	int		 istty;
+	struct termios	 t, n;
+	char		*p, line[256];
+
+	if (conf.fd == '-') {
+		grp->gr_passwd = "*";	/* No access */
+		return;
+	}
+	
+	if ((istty = isatty(conf.fd))) {
+		n = t;
+		/* Disable echo */
+		n.c_lflag &= ~(ECHO);
+		tcsetattr(conf.fd, TCSANOW, &n);
+		printf("%sassword for group %s:", update ? "New p" : "P",
+		    grp->gr_name);
+		fflush(stdout);
+	}
+	b = read(conf.fd, line, sizeof(line) - 1);
+	if (istty) {	/* Restore state */
+		tcsetattr(conf.fd, TCSANOW, &t);
+		fputc('\n', stdout);
+		fflush(stdout);
+	}
+	if (b < 0)
+		err(EX_OSERR, "-h file descriptor");
+	line[b] = '\0';
+	if ((p = strpbrk(line, " \t\r\n")) != NULL)
+		*p = '\0';
+	if (!*line)
+		errx(EX_DATAERR, "empty password read on file descriptor %d",
+		    conf.fd);
+	if (conf.precrypted) {
+		if (strchr(line, ':') != 0)
+			errx(EX_DATAERR, "wrong encrypted passwrd");
+		grp->gr_passwd = line;
+	} else
+		grp->gr_passwd = pw_pwcrypt(line);
+}
+
 int
 pw_group(int mode, char *name, long id, struct cargs * args)
 {
@@ -156,52 +200,8 @@ pw_group(int mode, char *name, long id, 
 	 * software.
 	 */
 
-	if ((arg = getarg(args, 'h')) != NULL ||
-	    (arg = getarg(args, 'H')) != NULL) {
-		if (strcmp(arg->val, "-") == 0)
-			grp->gr_passwd = "*";	/* No access */
-		else {
-			int             fd = atoi(arg->val);
-			int		precrypt = (arg->ch == 'H');
-			int             b;
-			int             istty = isatty(fd);
-			struct termios  t;
-			char           *p, line[256];
-
-			if (istty) {
-				if (tcgetattr(fd, &t) == -1)
-					istty = 0;
-				else {
-					struct termios  n = t;
-
-					/* Disable echo */
-					n.c_lflag &= ~(ECHO);
-					tcsetattr(fd, TCSANOW, &n);
-					printf("%sassword for group %s:", (mode == M_UPDATE) ? "New p" : "P", grp->gr_name);
-					fflush(stdout);
-				}
-			}
-			b = read(fd, line, sizeof(line) - 1);
-			if (istty) {	/* Restore state */
-				tcsetattr(fd, TCSANOW, &t);
-				fputc('\n', stdout);
-				fflush(stdout);
-			}
-			if (b < 0)
-				err(EX_OSERR, "-h file descriptor");
-			line[b] = '\0';
-			if ((p = strpbrk(line, " \t\r\n")) != NULL)
-				*p = '\0';
-			if (!*line)
-				errx(EX_DATAERR, "empty password read on file descriptor %d", fd);
-			if (precrypt) {
-				if (strchr(line, ':') != NULL)
-					return EX_DATAERR;
-				grp->gr_passwd = line;
-			} else
-				grp->gr_passwd = pw_pwcrypt(line);
-		}
-	}
+	if (conf.fd != -1)
+		set_passwd(grp, mode == M_UPDATE);
 
 	if (((arg = getarg(args, 'M')) != NULL ||
 	    (arg = getarg(args, 'd')) != NULL ||



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201507041554.t64FsCxM076209>