From owner-svn-src-all@FreeBSD.ORG Fri Mar 14 03:37:08 2014 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DC5E423A; Fri, 14 Mar 2014 03:37:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id BDB7C6EE; Fri, 14 Mar 2014 03:37:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2E3b8s8052254; Fri, 14 Mar 2014 03:37:08 GMT (envelope-from dteske@svn.freebsd.org) Received: (from dteske@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2E3b8jG052252; Fri, 14 Mar 2014 03:37:08 GMT (envelope-from dteske@svn.freebsd.org) Message-Id: <201403140337.s2E3b8jG052252@svn.freebsd.org> From: Devin Teske Date: Fri, 14 Mar 2014 03:37:08 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r263149 - head/usr.sbin/bsdconfig/usermgmt/share X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Mar 2014 03:37:08 -0000 Author: dteske Date: Fri Mar 14 03:37:08 2014 New Revision: 263149 URL: http://svnweb.freebsd.org/changeset/base/263149 Log: Add protection against input containing single-quotes (e.g., i18n-users). Modified: head/usr.sbin/bsdconfig/usermgmt/share/group.subr head/usr.sbin/bsdconfig/usermgmt/share/group_input.subr Modified: head/usr.sbin/bsdconfig/usermgmt/share/group.subr ============================================================================== --- head/usr.sbin/bsdconfig/usermgmt/share/group.subr Fri Mar 14 03:34:43 2014 (r263148) +++ head/usr.sbin/bsdconfig/usermgmt/share/group.subr Fri Mar 14 03:37:08 2014 (r263149) @@ -156,10 +156,17 @@ f_group_add() case "$mtag" in X) # Add/Exit - local cmd="pw groupadd -n '$group_name'" - [ "$group_gid" ] && cmd="$cmd -g '$group_gid'" + local var + for var in gid members name; do + local _group_$var + eval f_shell_escape \ + \"\$group_$var\" _group_$var + done + + local cmd="pw groupadd -n '$_group_name'" + [ "$group_gid" ] && cmd="$cmd -g '$_group_gid'" [ "$group_members" ] && - cmd="$cmd -M '$group_members'" + cmd="$cmd -M '$_group_members'" # Execute the command (break on success) if [ "$group_password_disable" ]; then @@ -196,10 +203,16 @@ f_group_add() esac done else + local var + for var in gid members name; do + local _group_$var + eval f_shell_escape \"\$group_$var\" _group_$var + done + # Form the command - local cmd="pw groupadd -n '$group_name'" - [ "$group_gid" ] && cmd="$cmd -g '$group_gid'" - [ "$group_members" ] && cmd="$cmd -M '$group_members'" + local cmd="pw groupadd -n '$_group_name'" + [ "$group_gid" ] && cmd="$cmd -g '$_group_gid'" + [ "$group_members" ] && cmd="$cmd -M '$_group_members'" # Execute the command local retval err @@ -276,8 +289,10 @@ f_group_delete() case "$mtag" in X) # Delete/Exit + local _group_name + f_shell_escape "$group_name" _group_name f_eval_catch $funcname pw 'pw groupdel "%s"' \ - "$group_name" && break + "$_group_name" && break ;; 1) # Group Name (select different group from list) f_dialog_menu_group_list "$group_name" || continue @@ -296,9 +311,10 @@ f_group_delete() esac done else - local retval err + local retval err _group_name + f_shell_escape "$group_name" _group_name f_eval_catch -k err $funcname pw \ - 'pw groupdel "%s"' "$group_name" + "pw groupdel '%s'" "$_group_name" retval=$? if [ $retval -ne $SUCCESS ]; then f_show_err "%s" "$err" @@ -406,10 +422,17 @@ f_group_edit() case "$mtag" in X) # Save/Exit - local cmd="pw groupmod -n '$group_name'" - [ "$group_gid" ] && cmd="$cmd -g '$group_gid'" + local var + for var in gid members name; do + local _group_$var + eval f_shell_escape \ + \"\$group_$var\" _group_$var + done + + local cmd="pw groupmod -n '$_group_name'" + [ "$group_gid" ] && cmd="$cmd -g '$_group_gid'" [ "$group_members" -o "$null_members" ] && - cmd="$cmd -M '$group_members'" + cmd="$cmd -M '$_group_members'" # Execute the command (break on success) if [ "$group_password_disable" ]; then @@ -451,11 +474,17 @@ f_group_edit() esac done else + local var + for var in gid members name; do + local _group_$var + eval f_shell_escape \"\$group_$var\" _group_$var + done + # Form the command - local cmd="pw groupmod -n '$group_name'" - [ "$group_gid" ] && cmd="$cmd -g '$group_gid'" + local cmd="pw groupmod -n '$_group_name'" + [ "$group_gid" ] && cmd="$cmd -g '$_group_gid'" [ "$group_members" -o "$null_members" ] && - cmd="$cmd -M '$group_members'" + cmd="$cmd -M '$_group_members'" # Execute the command local retval err Modified: head/usr.sbin/bsdconfig/usermgmt/share/group_input.subr ============================================================================== --- head/usr.sbin/bsdconfig/usermgmt/share/group_input.subr Fri Mar 14 03:34:43 2014 (r263148) +++ head/usr.sbin/bsdconfig/usermgmt/share/group_input.subr Fri Mar 14 03:37:08 2014 (r263149) @@ -53,12 +53,16 @@ f_input_group() f_dprintf "$funcname: Getting info for group \`%s'" "$group" eval "$( pw groupshow "$group" 2> /dev/null | awk -F: ' + function set_value(var, value) { + gsub(/'\''/, "'\''\\'\'\''", value) + printf "group_%s='\'%s\''\n", var, value + } { found = $1 != "" - printf "group_name='\'%s\''\n", $1 - printf "group_password=\n" - printf "group_gid='\'%s\''\n", $3 - printf "group_members='\'%s\''\n", $4 + set_value("name", $1) + set_value("password", "") + set_value("gid", $3) + set_value("members", $4) exit } END { if (!found) print "false" }' )" @@ -80,10 +84,13 @@ f_dialog_menu_group_list() # Add groups from group(5) menu_list="$menu_list $( pw groupshow -a | awk -F: ' - !/^[[:space:]]*(#|$)/ { - printf "'\'%s\'\ \'%s\''\n", $1, $1 - }' - )" + function mprint(tag, item) { + gsub(/'\''/, "'\''\\'\'\''", tag) + gsub(/'\''/, "'\''\\'\'\''", item) + printf "'\'%s\'\ \'%s\''\n", tag, item + } + !/^[[:space:]]*(#|$)/ { mprint($1, $1) } + ' )" local height width rows eval f_dialog_menu_size height width rows \ @@ -331,16 +338,18 @@ f_dialog_input_group_members() X) # Exit break ;; 1) # Select Group Members from a list - local __user_list __length=0 __user __check_list= + local __check_list= # Calculated below + local __user_list __u __user __length=0 __user_list=$( pw usershow -a | awk -F: '!/^[[:space:]]*(#|$)/{print $1}' ) while [ $__length -ne ${#__user_list} ]; do - __user="${__user_list%%$NL*}" # First line + __u="${__user_list%%$NL*}" # First line + f_shell_escape "$__u" __user # Format of a checklist entry: tag item status __check_list="$__check_list '$__user' ''" case "$__input" in - "$__user"|"$__user",*|*,"$__user",*|*,"$__user") + "$__u"|"$__u",*|*,"$__u",*|*,"$__u") __check_list="$__check_list on" ;; *) __check_list="$__check_list off" @@ -416,12 +425,20 @@ f_dialog_menu_group_add() local defaultitem="$1" local hline="$hline_arrows_tab_enter" + # Localize potentially hostile variables and escape their values + # to the local variable (see f_shell_escape() of `strings.subr') + local var + for var in gid members name; do + local _group_$var + eval f_shell_escape \"\$group_$var\" _group_$var + done + menu_list=" 'X' '$msg_add/$msg_exit' - '1' '$msg_group: $group_name' + '1' '$msg_group: $_group_name' '2' '$msg_password: -----' - '3' '$msg_group_id: $group_gid' - '4' '$msg_group_members: $group_members' + '3' '$msg_group_id: $_group_gid' + '4' '$msg_group_members: $_group_members' " # END-QUOTE local height width rows @@ -470,12 +487,20 @@ f_dialog_menu_group_delete() local group_name group_password group_gid group_members f_input_group "$1" + # Localize potentially hostile variables and escape their values + # to the local variable (see f_shell_escape() of `strings.subr') + local var + for var in gid members name; do + local _group_$var + eval f_shell_escape \"\$group_$var\" _group_$var + done + menu_list=" 'X' '$msg_delete/$msg_exit' - '1' '$msg_group: $group_name' + '1' '$msg_group: $_group_name' '-' '$msg_password: -----' - '-' '$msg_group_id: $group_gid' - '-' '$msg_group_members: $group_members' + '-' '$msg_group_id: $_group_gid' + '-' '$msg_group_members: $_group_members' " # END-QUOTE local height width rows @@ -521,12 +546,20 @@ f_dialog_menu_group_edit() local defaultitem="$1" local hline="$hline_arrows_tab_enter" + # Localize potentially hostile variables and escape their values + # to the local variable (see f_shell_escape() of `strings.subr') + local var + for var in gid members name; do + local _group_$var + eval f_shell_escape \"\$group_$var\" _group_$var + done + menu_list=" 'X' '$msg_save/$msg_exit' - '1' '$msg_group: $group_name' + '1' '$msg_group: $_group_name' '2' '$msg_password: -----' - '3' '$msg_group_id: $group_gid' - '4' '$msg_group_members: $group_members' + '3' '$msg_group_id: $_group_gid' + '4' '$msg_group_members: $_group_members' " # END-QUOTE local height width rows