authorRob Landley <rob@landley.net>2014-09-26 18:49:44 -0500
committerRob Landley <rob@landley.net>2014-09-26 18:49:44 -0500
commite0d8009d76b3a2451cb6c6ed2b241c7eff06ed60 (patch)
treef2904430b0cb86f7b7a2721ae2ddd60fcf727166
parente1fa787be8d0d66c9860c86dcb80fd6e096f74e0 (diff)
downloadtoybox-e0d8009d76b3a2451cb6c6ed2b241c7eff06ed60.tar.gz
The only illegal characters in a username are ":" (field separator), "\n" (line separator), and "/" (filename separator).
Restricting usernames to the legacy POSIX allowed character set (for filenames, so the $HOME directory is creatable on VFAT and similar) means you can't have UTF-8 usernames. Linux allows any character but / and NUL in filenames. Since root is creating these entries, we assume root knows what it's doing.
-rw-r--r--lib/password.c32
-rw-r--r--lib/pending.h1
-rw-r--r--toys/pending/groupadd.c9
-rw-r--r--toys/pending/useradd.c4
4 files changed, 8 insertions, 38 deletions
diff --git a/lib/password.c b/lib/password.c
index 2578dfe0..40cbead0 100644
--- a/lib/password.c
+++ b/lib/password.c
@@ -19,11 +19,7 @@ int get_salt(char *salt, char *algo)
int len = al[i].len;
char *s = salt;
- if (al[i].id) {
- *s++ = '$';
- *s++ = '0'+al[i].id;
- *s++ = '$';
- }
+ if (al[i].id) s += sprintf(s, "$%c$", '0'+al[i].id);
// Read appropriate number of random bytes for salt
i = xopen("/dev/urandom", O_RDONLY);
@@ -233,29 +229,3 @@ free_storage:
free(filenamesfx);
return ret;
}
-
-void is_valid_username(const char *name)
-{
- regex_t rp;
- regmatch_t rm[1];
- int eval;
- char *regex = "^[_.A-Za-z0-9][-_.A-Za-z0-9]*"; //User name REGEX
-
- xregcomp(&rp, regex, REG_NEWLINE);
-
- /* compare string against pattern -- remember that patterns
- are anchored to the beginning of the line */
- eval = regexec(&rp, name, 1, rm, 0);
- regfree(&rp);
- if (!eval && !rm[0].rm_so) {
- int len = strlen(name);
- if ((rm[0].rm_eo == len) ||
- (rm[0].rm_eo == len - 1 && name[len - 1] == '$')) {
- if (len >= LOGIN_NAME_MAX) error_exit("name is too long");
- else return;
- }
- }
- error_exit("'%s', not valid %sname",name,
- (((toys.which->name[3] == 'g') ||
- (toys.which->name[0] == 'g'))? "group" : "user"));
-}
diff --git a/lib/pending.h b/lib/pending.h
index c98bb514..c67d81c8 100644
--- a/lib/pending.h
+++ b/lib/pending.h
@@ -2,6 +2,5 @@
// password.c
#define MAX_SALT_LEN 20 //3 for id, 16 for key, 1 for '\0'
-void is_valid_username(const char *name);
int read_password(char * buff, int buflen, char* mesg);
int update_password(char *filename, char* username, char* encrypted);
diff --git a/toys/pending/groupadd.c b/toys/pending/groupadd.c
index 04c31ee5..7df0a5c3 100644
--- a/toys/pending/groupadd.c
+++ b/toys/pending/groupadd.c
@@ -92,11 +92,12 @@ void groupadd_main(void)
update_password(SECURE_GROUP_PATH, grp->gr_name, entry);
free(entry);
} else { //new group to be created
+ char *s = *toys.optargs;
+
/* investigate the group to be created */
- if ((grp = getgrnam(*toys.optargs)))
- error_exit("group '%s' is in use", *toys.optargs);
- setlocale(LC_ALL, "C");
- is_valid_username(*toys.optargs);
+ if (getgrnam(s)) error_exit("'%s' in use", s);
+ if (s[strcspn(s, ":/\n")] || strlen(s) > LOGIN_NAME_MAX)
+ error_exit("bad name");
new_group();
}
}
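Review bot: The new name check `s[strcspn(s, ":/\n")] || strlen(s) > LOGIN_NAME_MAX` accepts an empty string, because `s[0]` is then the terminating NUL, whereas the removed is_valid_username() regex required at least one character. It also accepts a name of exactly LOGIN_NAME_MAX bytes, which the removed code rejected with `len >= LOGIN_NAME_MAX`; that limit is usually documented as including the terminating NUL, so `>=` looks like the intended bound. Suggested line: `if (!*s || s[strcspn(s, ":/\n")] || strlen(s) >= LOGIN_NAME_MAX)`. The same expression is added in the toys/pending/useradd.c hunk and has the same two gaps. groupadd_main begins outside this hunk, so whether an empty argument can reach this branch is not visible here.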
diff --git a/toys/pending/useradd.c b/toys/pending/useradd.c
index 9f1fa4c5..4f2bcc61 100644
--- a/toys/pending/useradd.c
+++ b/toys/pending/useradd.c
@@ -54,8 +54,8 @@ void useradd_main(void)
}
// Sanity check user to add
- if (strchr(s, ':') || strchr(s, '/') || strlen(s) > LOGIN_NAME_MAX)
- error_exit("bad name");
+ if (s[strcspn(s, ":/\n")] || strlen(s) > LOGIN_NAME_MAX)
+ error_exit("bad username");
// race condition: two adds at same time?
if (getpwnam(s)) error_exit("'%s' in use", s);
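Review bot: The relaxed check before `error_exit("bad username")` still lets through the names `.` and `..`, and any name containing `,`. If the name becomes the last component of the home directory path, which the commit message's reason for rejecting `/` suggests, `.` and `..` resolve to an existing directory rather than a new one. In addition, `,` is the member separator in the group file, so such a user cannot be listed unambiguously as a group member. Consider adding `,` to the strcspn() reject set and `|| !strcmp(s, ".") || !strcmp(s, "..")` to the condition, with a comment saying the set covers the separators of passwd, group and path syntax. useradd_main starts and ends outside this hunk, so how `s` is used later is inferred.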