mirror of
https://github.com/sheumann/hush.git
synced 2025-01-20 21:30:00 +00:00
adduser/addgroup: check username for invalid chars
(by Tito <farmatito AT tiscali.it>). +129 bytes when enabled.
This commit is contained in:
parent
cf7cf62204
commit
a7d6c8bab9
@ -637,7 +637,11 @@ const char* get_cached_groupname(gid_t gid);
|
||||
void clear_username_cache(void);
|
||||
/* internally usernames are saved in fixed-sized char[] buffers */
|
||||
enum { USERNAME_MAX_SIZE = 16 - sizeof(int) };
|
||||
|
||||
#if ENABLE_FEATURE_CHECK_NAMES
|
||||
void die_if_bad_username(const char* name);
|
||||
#else
|
||||
#define die_if_bad_username(name) ((void)(name))
|
||||
#endif
|
||||
|
||||
int execable_file(const char *name);
|
||||
char *find_execable(const char *filename);
|
||||
|
@ -122,6 +122,7 @@ lib-$(CONFIG_MKFS_MINIX) += find_mount_point.o
|
||||
lib-$(CONFIG_SELINUX) += selinux_common.o
|
||||
lib-$(CONFIG_HWCLOCK) += rtc.o
|
||||
lib-$(CONFIG_RTCWAKE) += rtc.o
|
||||
lib-$(CONFIG_FEATURE_CHECK_NAMES) += die_if_bad_username.o
|
||||
|
||||
# We shouldn't build xregcomp.c if we don't need it - this ensures we don't
|
||||
# require regex.h to be in the include dir even if we don't need it thereby
|
||||
|
@ -82,6 +82,18 @@ config FEATURE_DEL_USER_FROM_GROUP
|
||||
If called with two non-option arguments, deluser
|
||||
or delgroup will remove an user from a specified group.
|
||||
|
||||
config FEATURE_CHECK_NAMES
|
||||
bool "Enable sanity check on user/group names in adduser and addgroup"
|
||||
default n
|
||||
depends on ADDUSER || ADDGROUP
|
||||
help
|
||||
Enable sanity check on user and group names in adduser and addgroup.
|
||||
To avoid problems, the user or group name should consist only of
|
||||
letters, digits, underscores, periods, at signs and dashes,
|
||||
and not start with a dash (as defined by IEEE Std 1003.1-2001).
|
||||
For compatibility with Samba machine accounts "$" is also supported
|
||||
at the end of the user or group name.
|
||||
|
||||
config ADDUSER
|
||||
bool "adduser"
|
||||
default n
|
||||
|
@ -173,8 +173,11 @@ int addgroup_main(int argc ATTRIBUTE_UNUSED, char **argv)
|
||||
#endif
|
||||
} else
|
||||
#endif /* ENABLE_FEATURE_ADDUSER_TO_GROUP */
|
||||
{
|
||||
die_if_bad_username(argv[0]);
|
||||
new_group(argv[0], gid);
|
||||
|
||||
}
|
||||
/* Reached only on success */
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
@ -111,6 +111,7 @@ int adduser_main(int argc ATTRIBUTE_UNUSED, char **argv)
|
||||
|
||||
/* fill in the passwd struct */
|
||||
pw.pw_name = argv[0];
|
||||
die_if_bad_username(pw.pw_name);
|
||||
if (!pw.pw_dir) {
|
||||
/* create string for $HOME if not specified already */
|
||||
pw.pw_dir = xasprintf("/home/%s", argv[0]);
|
||||
|
Loading…
x
Reference in New Issue
Block a user