Author: bapt
Date: Sat Jul 4 15:54:11 2015
New Revision: 285136
URL: https://svnweb.freebsd.org/changeset/base/285136
Log:
Also validate inputs of pw groupmod -h and groupmod -H
Modified:
head/usr.sbin/pw/pw_group.c
Modified: head/usr.sbin/pw/pw_group.c
==============================================================================
--- head/usr.sbin/pw/pw_group.c Sat Jul 4 15:46:39 2015 (r285135)
+++ head/usr.sbin/pw/pw_group.c Sat Jul 4 15:54:11 2015 (r285136)
@@ -47,6 +47,50 @@ static void delete_members(char ***membe
static int print_group(struct group * grp);
static gid_t gr_gidpolicy(struct userconf * cnf, long id);
+static void
+set_passwd(struct group *grp, bool update)
+{
+ int b;
+ int istty;
+ struct termios t, n;
+ char *p, line[256];
+
+ if (conf.fd == '-') {
+ grp->gr_passwd = "*"; /* No access */
+ return;
+ }
+
+ if ((istty = isatty(conf.fd))) {
+ n = t;
+ /* Disable echo */
+ n.c_lflag &= ~(ECHO);
+ tcsetattr(conf.fd, TCSANOW, &n);
+ printf("%sassword for group %s:", update ? "New p" : "P",
+ grp->gr_name);
+ fflush(stdout);
+ }
+ b = read(conf.fd, line, sizeof(line) - 1);
+ if (istty) { /* Restore state */
+ tcsetattr(conf.fd, TCSANOW, &t);
+ fputc('\n', stdout);
+ fflush(stdout);
+ }
+ if (b < 0)
+ err(EX_OSERR, "-h file descriptor");
+ line[b] = '\0';
+ if ((p = strpbrk(line, " \t\r\n")) != NULL)
+ *p = '\0';
+ if (!*line)
+ errx(EX_DATAERR, "empty password read on file descriptor %d",
+ conf.fd);
+ if (conf.precrypted) {
+ if (strchr(line, ':') != 0)
+ errx(EX_DATAERR, "wrong encrypted passwrd");
+ grp->gr_passwd = line;
+ } else
+ grp->gr_passwd = pw_pwcrypt(line);
+}
+
int
pw_group(int mode, char *name, long id, struct cargs * args)
{
@@ -156,52 +200,8 @@ pw_group(int mode, char *name, long id,
* software.
*/
- if ((arg = getarg(args, 'h')) != NULL ||
- (arg = getarg(args, 'H')) != NULL) {
- if (strcmp(arg->val, "-") == 0)
- grp->gr_passwd = "*"; /* No access */
- else {
- int fd = atoi(arg->val);
- int precrypt = (arg->ch == 'H');
- int b;
- int istty = isatty(fd);
- struct termios t;
- char *p, line[256];
-
- if (istty) {
- if (tcgetattr(fd, &t) == -1)
- istty = 0;
- else {
- struct termios n = t;
-
- /* Disable echo */
- n.c_lflag &= ~(ECHO);
- tcsetattr(fd, TCSANOW, &n);
- printf("%sassword for group %s:", (mode
== M_UPDATE) ? "New p" : "P", grp->gr_name);
- fflush(stdout);
- }
- }
- b = read(fd, line, sizeof(line) - 1);
- if (istty) { /* Restore state */
- tcsetattr(fd, TCSANOW, &t);
- fputc('\n', stdout);
- fflush(stdout);
- }
- if (b < 0)
- err(EX_OSERR, "-h file descriptor");
- line[b] = '\0';
- if ((p = strpbrk(line, " \t\r\n")) != NULL)
- *p = '\0';
- if (!*line)
- errx(EX_DATAERR, "empty password read on file
descriptor %d", fd);
- if (precrypt) {
- if (strchr(line, ':') != NULL)
- return EX_DATAERR;
- grp->gr_passwd = line;
- } else
- grp->gr_passwd = pw_pwcrypt(line);
- }
- }
+ if (conf.fd != -1)
+ set_passwd(grp, mode == M_UPDATE);
if (((arg = getarg(args, 'M')) != NULL ||
(arg = getarg(args, 'd')) != NULL ||
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
