From owner-freebsd-audit Wed May 9 7: 3:25 2001 Delivered-To: freebsd-audit@freebsd.org Received: from nebula.cybercable.fr (d189.dhcp212-126.cybercable.fr [212.198.126.189]) by hub.freebsd.org (Postfix) with ESMTP id 0808B37B423 for ; Wed, 9 May 2001 07:03:16 -0700 (PDT) (envelope-from mux@qualys.com) Received: (from mux@localhost) by nebula.cybercable.fr (8.11.3/8.11.3) id f49E3Cu10166; Wed, 9 May 2001 16:03:12 +0200 (CEST) (envelope-from mux) Date: Wed, 9 May 2001 16:03:11 +0200 From: Maxime Henrion To: audit@FreeBSD.org Cc: Peter Pentchev Subject: Re: chpass patch to disallow non-printable characters in the passwd file Message-ID: <20010509160311.C984@nebula.cybercable.fr> References: <20010509131550.A984@nebula.cybercable.fr> <20010509041914.A36212@xor.obsecurity.org> <20010509164622.C645@ringworld.oblivion.bg> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="98e8jtXdkpgskNou" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010509164622.C645@ringworld.oblivion.bg>; from roam@orbitel.bg on Wed, May 09, 2001 at 04:46:22PM +0300 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --98e8jtXdkpgskNou Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Peter Pentchev wrote: > On Wed, May 09, 2001 at 04:19:14AM -0700, Kris Kennaway wrote: > > On Wed, May 09, 2001 at 01:15:50PM +0200, Maxime Henrion wrote: > > > Hi, > > > > > > Here is another patch from OpenBSD taken from Kris mailbox. It prevents > > > users from putting non-printable characters in the passwd file. > > > > I'm not sure whether isprint() is the canonical way to check this in > > the face of different locales. Can someone confirm the correct way to > > do this? > > isprint() does honor locales, if setlocale() is called in advance. > So this fix is proper, but not enough - there must be a call to > setlocale(LC_ALL, ""), and a good place for it would be the start of main, > even before the getopt() call, as done by a lot of other base system tools. > > G'luck, > Peter OK, here is a new patch with the missing setlocale() call. I did a setlocale(LC_CTYPE, "") as it's only used for the ctype.h functions. Maxime -- Don't be fooled by cheap finnish imitations ; BSD is the One True Code Key fingerprint = F9B6 1D5A 4963 331C 88FC CA6A AB50 1EF2 8CBE 99D6 Public Key : http://www.epita.fr/~henrio_m/ --98e8jtXdkpgskNou Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="chpass.diff" diff -c /usr/src/usr.bin/chpass/chpass.c ./chpass.c *** /usr/src/usr.bin/chpass/chpass.c Sat Apr 28 01:14:31 2001 --- ./chpass.c Wed May 9 15:59:24 2001 *************** *** 53,58 **** --- 53,59 ---- #include #include #include + #include #include #include #include *************** *** 92,97 **** --- 93,99 ---- int force_yp = 0; #endif + setlocale(LC_CTYPE, ""); op = EDITENTRY; #ifdef YP while ((ch = getopt(argc, argv, "a:p:s:e:d:h:oly")) != -1) diff -c /usr/src/usr.bin/chpass/edit.c ./edit.c *** /usr/src/usr.bin/chpass/edit.c Wed Sep 6 20:16:46 2000 --- ./edit.c Wed May 9 13:12:05 2001 *************** *** 184,193 **** struct passwd *pw; { ENTRY *ep; ! char *p; struct stat sb; FILE *fp; ! int len, line; static char buf[LINE_MAX]; if (!(fp = fopen(tempname, "r"))) --- 184,193 ---- struct passwd *pw; { ENTRY *ep; ! char *p, *q; struct stat sb; FILE *fp; ! unsigned int len, line; static char buf[LINE_MAX]; if (!(fp = fopen(tempname, "r"))) *************** *** 225,231 **** goto bad; } while (isspace(*++p)); ! if (ep->except && strpbrk(p, ep->except)) { warnx( "illegal character in the \"%s\" field", ep->prompt); --- 225,235 ---- goto bad; } while (isspace(*++p)); ! for (q = p; *q && isprint(*q); q++) { ! if (ep->except && strchr(ep->except, *q)) ! break; ! } ! if (*q) { warnx( "illegal character in the \"%s\" field", ep->prompt); --98e8jtXdkpgskNou-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message