Re: libc: getusershell, new implementation

2015-12-05 Thread Ted Unangst
Tobias Stoeckmann wrote: > > And I still think that the current code is a bit too permissive in parsing > things. I mean what's the point in allowing lines like: > > sometextwithoutspace/bin/ksh should be used for logins # seriously! > > Which would result in /bin/ksh, by the way. > > Didn't

Re: libc: getusershell, new implementation

2015-12-05 Thread Theo de Raadt
To me the new code seems broken. It keeps a fd open between libc calls. It requires endusershell() to be called later. Not even close-on-exec can work here, because libc is remembering a FILE * referring to an open fd. Leaving a fd open between libc calls is verboten, unless there is

Re: libc: getusershell, new implementation

2015-12-05 Thread Ted Unangst
Tobias Stoeckmann wrote: > There's still a possible overflow in getusershell.c. We could increase > the buffer allocation yet again, but I have to agree with the glibc > developers here: enough is enough. The code is ugly and has proven to be > difficult to review. Another approach is to rewrite

Re: libc: getusershell, new implementation

2015-12-05 Thread Tobias Stoeckmann
> Index: gen/getusershell.c > === > RCS file: /cvs/src/lib/libc/gen/getusershell.c,v > retrieving revision 1.16 > diff -u -p -r1.16 getusershell.c > --- gen/getusershell.c14 Sep 2015 16:09:13 - 1.16 > +++

Re: libc: getusershell, new implementation

2015-12-05 Thread Tobias Stoeckmann
On Sat, Dec 05, 2015 at 01:25:10PM -0500, Ted Unangst wrote: > ok. i was going to leave the behavior alone, but we can fix that too. > > - use getline to read lines of any length. > - only consider lines that start with a /. > - truncate lines after a #, but not after spaces. ok tobias, thanks

Re: libc: getusershell, new implementation

2015-12-05 Thread patrick keshishian
On Sat, Dec 05, 2015 at 01:25:10PM -0500, Ted Unangst wrote: > Tobias Stoeckmann wrote: > > > > And I still think that the current code is a bit too permissive in parsing > > things. I mean what's the point in allowing lines like: > > > > sometextwithoutspace/bin/ksh should be used for logins #

libc: getusershell, new implementation

2015-12-04 Thread Tobias Stoeckmann
There's still a possible overflow in getusershell.c. We could increase the buffer allocation yet again, but I have to agree with the glibc developers here: enough is enough. The code is ugly and has proven to be difficult to review. The overflow has been spotted by Paul Pluzhnikov, after I

Re: libc: getusershell, new implementation

2015-12-04 Thread Philip Guenther
On Fri, Dec 4, 2015 at 2:54 PM, Tobias Stoeckmann wrote: > On Fri, Dec 04, 2015 at 03:47:07PM -0700, Theo de Raadt wrote: >> > Is it worth it, knowing that it's a deprecated BSD-specific function? >> >> Careful there :-) It isn't deprecated in the BSD's, and it isn't >>