From owner-freebsd-bugs@FreeBSD.ORG  Thu Dec  8 19:30:23 2005
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
X-Original-To: freebsd-bugs@hub.freebsd.org
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8EB5016A41F
	for <freebsd-bugs@hub.freebsd.org>;
	Thu,  8 Dec 2005 19:30:23 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id CB36F43D9A
	for <freebsd-bugs@hub.freebsd.org>;
	Thu,  8 Dec 2005 19:30:03 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id jB8JU30I079369
	for <freebsd-bugs@freefall.freebsd.org>; Thu, 8 Dec 2005 19:30:03 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.3/8.13.1/Submit) id jB8JU3xV079368;
	Thu, 8 Dec 2005 19:30:03 GMT (envelope-from gnats)
Resent-Date: Thu, 8 Dec 2005 19:30:03 GMT
Resent-Message-Id: <200512081930.jB8JU3xV079368@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
        Björn König <bkoenig@cs.tu-berlin.de>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3C11B16A422
	for <FreeBSD-gnats-submit@freebsd.org>;
	Thu,  8 Dec 2005 19:27:32 +0000 (GMT)
	(envelope-from bkoenig@cs.tu-berlin.de)
Received: from efacilitas.de (smtp.efacilitas.de [85.10.196.108])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 900E343D86
	for <FreeBSD-gnats-submit@freebsd.org>;
	Thu,  8 Dec 2005 19:26:26 +0000 (GMT)
	(envelope-from bkoenig@cs.tu-berlin.de)
Received: from eurystheus.local (port-212-202-39-231.dynamic.qsc.de
	[212.202.39.231]) by efacilitas.de (Postfix) with ESMTP id 22AA04C9E4
	for <FreeBSD-gnats-submit@freebsd.org>;
	Thu,  8 Dec 2005 20:34:36 +0100 (CET)
Received: from hoppel.local (eurystheus.local [192.168.1.67])
	by eurystheus.local (Postfix) with SMTP id A9CDF508B5
	for <FreeBSD-gnats-submit@freebsd.org>;
	Thu,  8 Dec 2005 20:25:06 +0100 (CET)
Received: by hoppel.local (sSMTP sendmail emulation);
	Thu,  8 Dec 2005 20:25:06 +0100
Message-Id: <20051208192506.A9CDF508B5@eurystheus.local>
Date: Thu,  8 Dec 2005 20:25:06 +0100
From: "Björn König" <bkoenig@cs.tu-berlin.de>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Cc: 
Subject: bin/90114: pw takes strings after option -g for GID 0
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Björn König <bkoenig@cs.tu-berlin.de>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Dec 2005 19:30:23 -0000


>Number:         90114
>Category:       bin
>Synopsis:       pw takes strings after option -g for GID 0
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Dec 08 19:30:02 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Björn König
>Release:        FreeBSD 6.0-RELEASE i386
>Organization:
>Environment:
>Description:
	pw assumes the group with the ID 0 if you specify a string mistakenly
	instead of a number in conjunction with option -g. This might be
	problematic because it is possible that you delete the group 'wheel'
	accidentally and silently.
	
	This issue has been discovered by Mars G. Miro (marsgmiro at gmail.com) 
>How-To-Repeat:
	Back up your /etc/group. ;)
	
	# pw groupshow -g wheel
	wheel:*:0:root
	
	# pw groupdel -g somestring
	
	# pw groupshow -g wheel
	pw: unknown group `wheel'
>Fix:
	The patch below checks the error value returned by atoi and
	aborts the current action if the user supplied an invalid GID.
	
	Note that pw still accepts erroneous values in certain cases,
	e.g. -g 0somestring.
	
--- pw-2005120801.diff begins here ---
--- src/usr.sbin/pw/pw_group.c.orig	Sun Jan 11 19:28:08 2004
+++ src/usr.sbin/pw/pw_group.c	Thu Dec  8 19:46:26 2005
@@ -93,8 +93,15 @@
 			a_name = NULL;
 		}
 	}
-	grp = (a_name != NULL) ? GETGRNAM(a_name->val) : GETGRGID((gid_t) atoi(a_gid->val));
 
+	if (a_name != NULL)
+		grp = GETGRNAM(a_name->val);
+	else {
+		grp = GETGRGID((gid_t) atoi(a_gid->val));
+		if (errno == EINVAL)
+			errx(EX_DATAERR, "invalid group id `%s'", a_gid->val);
+	}
+	
 	if (mode == M_UPDATE || mode == M_DELETE || mode == M_PRINT) {
 		if (a_name == NULL && grp == NULL)	/* Try harder */
 			grp = GETGRGID(atoi(a_gid->val));
--- pw-2005120801.diff ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted: