emo/openrc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

start-stop-daemon, supervise-daemon: fix parsing of usernames passed via --user that start with a number

Browse Source 
start-stop-daemon and supervise-daemon parse usernames and group names
passed via the --user argument as numeric UID/GID if they start with a
number (e.g. user "4foo" will be treated as UID 4). This results in the
process that is being started to run under a totally unexpected user if
that UID exists.

Even though the result of the sscanf calls are tested for a result of
exactly 1, which means exactly one value was extracted, because sscanf's
format string only contains only one placeholder, it will never return
a value greater than 1, even if there are still characters left to be
parsed. This causes start-stop-daemon and supervise-daemon to assume
that usernames starting with a number are just that number. Adding a
second placeholder "%1s" to the format string, which matches a string of
length 1, makes sure that sscanf can distinguish between pure numbers
(in which case it will return 1) and strings either starting with a
number (in which case it will return 2) and any other string (in which
case it will return 0).

This fixes #379.
This fixes #380.
This commit is contained in:
Johannes Heimansberg
2020-09-06 09:22:50 +02:00
committed by William Hubbs
parent 0fab3e837b
commit 47819f004c
2 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/rc/start-stop-daemon.c
View File

@@ -389,10 +389,11 @@ int main(int argc, char **argv)
/* falls through */
case 'u': /* --user <username>|<uid> */
{
char dummy[2];
p = optarg;
tmp = strsep(&p, ":");
changeuser = xstrdup(tmp);
if (sscanf(tmp, "%d", &tid) != 1)
if (sscanf(tmp, "%d%1s", &tid, dummy) != 1)
pw = getpwnam(tmp);
else
pw = getpwuid((uid_t)tid);
@@ -413,7 +414,7 @@ int main(int argc, char **argv)
if (p) {
tmp = strsep (&p, ":");
if (sscanf(tmp, "%d", &tid) != 1)
if (sscanf(tmp, "%d%1s", &tid, dummy) != 1)
gr = getgrnam(tmp);
else
gr = getgrgid((gid_t) tid);

5
src/rc/supervise-daemon.c
View File

@@ -855,10 +855,11 @@ int main(int argc, char **argv)
case 'u': /* --user <username>|<uid> */
{
char dummy[2];
p = optarg;
tmp = strsep(&p, ":");
changeuser = xstrdup(tmp);
if (sscanf(tmp, "%d", &tid) != 1)
if (sscanf(tmp, "%d%1s", &tid, dummy) != 1)
pw = getpwnam(tmp);
else
pw = getpwuid((uid_t)tid);
@@ -879,7 +880,7 @@ int main(int argc, char **argv)
if (p) {
tmp = strsep (&p, ":");
if (sscanf(tmp, "%d", &tid) != 1)
if (sscanf(tmp, "%d%1s", &tid, dummy) != 1)
gr = getgrnam(tmp);
else
gr = getgrgid((gid_t) tid);