diff --git a/ChangeLog b/ChangeLog index bcfb78d9..d694bc68 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,48 @@ +2007-11-18 Nicolas François + + * lib/prototypes.h, configure.in, libmisc/Makefile.am, + libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c, + libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c: + Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(), + xgetgrgid(), and xgetspnam(). They allocate memory for the + returned structure and are more robust to successive calls. They + are implemented with the libc's getxxyyy_r() functions if + available. + * libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c, + libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c, + libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c, + src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c, + src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c, + src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c, + src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c, + src/groupadd.c, src/chage.c, src/login.c, src/suauth.c, + src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the + usage of one of the getpwnam(), getpwuid(), getgrnam(), + getgrgid(), and getspnam() functions. It was noticed on + http://bugs.debian.org/341230 that chfn and chsh use a passwd + structure after calling a pam function, which result in using + information from the passwd structure requested by pam, not the + original one. It is much easier to use the new xget... functions + to avoid these issues. I've checked which call to the original + get... functions could be left (reducing the scope of the + structure if possible), and I've left comments to ease future + reviews (e.g. /* local, no need for xgetpwnam */). + Note: the getpwent/getgrent calls should probably be checked also. + * src/groupdel.c, src/expiry.c: Fix typos in comments. + * src/groupmod.c: Re-indent. + * libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c, + lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the ___dup + functions (used by the xget... functions) from the io.c files + to the new mem.c files. This avoid linking some utils against + the SELinux library. + +2007-11-18 Nicolas François + + * man/pl/pl.po: Fix typo: chgpassw -> chgpasswd. + * man/pl/Makefile.am: Fix typo: chgpassw -> chgpasswd. + * man/de/de.po: groups shall not be translated (for command, + refname, or refentrytitle). + 2007-11-18 Nicolas François * src/login.c: Fix typo introduced while fixing diff --git a/configure.in b/configure.in index f86812b8..ad622e66 100644 --- a/configure.in +++ b/configure.in @@ -36,7 +36,8 @@ AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \ AC_CHECK_FUNCS(l64a fchmod fchown fsync getgroups gethostname getspnam \ gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \ - memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr) + memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \ + getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r) AC_SYS_LARGEFILE dnl Checks for typedefs, structures, and compiler characteristics. diff --git a/lib/groupio.c b/lib/groupio.c index a281dd0e..18a8f49a 100644 --- a/lib/groupio.c +++ b/lib/groupio.c @@ -10,32 +10,6 @@ extern int putgrent (const struct group *, FILE *); extern struct group *sgetgrent (const char *); -struct group *__gr_dup (const struct group *grent) -{ - struct group *gr; - int i; - - if (!(gr = (struct group *) malloc (sizeof *gr))) - return NULL; - *gr = *grent; - if (!(gr->gr_name = strdup (grent->gr_name))) - return NULL; - if (!(gr->gr_passwd = strdup (grent->gr_passwd))) - return NULL; - - for (i = 0; grent->gr_mem[i]; i++); - gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *)); - if (!gr->gr_mem) - return NULL; - for (i = 0; grent->gr_mem[i]; i++) { - gr->gr_mem[i] = strdup (grent->gr_mem[i]); - if (!gr->gr_mem[i]) - return NULL; - } - gr->gr_mem[i] = NULL; - return gr; -} - static void *group_dup (const void *ent) { const struct group *gr = ent; diff --git a/lib/groupmem.c b/lib/groupmem.c new file mode 100644 index 00000000..0ad0bee8 --- /dev/null +++ b/lib/groupmem.c @@ -0,0 +1,35 @@ + +#include + +#ident "$Id: groupio.c 1342 2007-11-10 23:46:11Z nekral-guest $" + +#include "prototypes.h" +#include "defines.h" +#include "groupio.h" + +struct group *__gr_dup (const struct group *grent) +{ + struct group *gr; + int i; + + if (!(gr = (struct group *) malloc (sizeof *gr))) + return NULL; + *gr = *grent; + if (!(gr->gr_name = strdup (grent->gr_name))) + return NULL; + if (!(gr->gr_passwd = strdup (grent->gr_passwd))) + return NULL; + + for (i = 0; grent->gr_mem[i]; i++); + gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *)); + if (!gr->gr_mem) + return NULL; + for (i = 0; grent->gr_mem[i]; i++) { + gr->gr_mem[i] = strdup (grent->gr_mem[i]); + if (!gr->gr_mem[i]) + return NULL; + } + gr->gr_mem[i] = NULL; + return gr; +} + diff --git a/lib/prototypes.h b/lib/prototypes.h index 1ad2f1b4..e18d71e8 100644 --- a/lib/prototypes.h +++ b/lib/prototypes.h @@ -23,6 +23,7 @@ #endif #include #include +#include "shadowio.h" #include "defines.h" @@ -179,4 +180,15 @@ extern int valid (const char *, const struct passwd *); extern char *xmalloc (size_t); extern char *xstrdup (const char *); +/* xgetpwnam.c */ +extern struct passwd *xgetpwnam (const char *); +/* xgetpwuid.c */ +extern struct passwd *xgetpwuid (uid_t); +/* xgetgrnam.c */ +extern struct group *xgetgrnam (const char *); +/* xgetgrgid.c */ +extern struct group *xgetgrgid (gid_t); +/* xgetspnam.c */ +extern struct spwd *xgetspnam(const char *); + #endif /* _PROTOTYPES_H */ diff --git a/lib/pwio.c b/lib/pwio.c index 88fa4333..14702ff5 100644 --- a/lib/pwio.c +++ b/lib/pwio.c @@ -12,26 +12,6 @@ extern struct passwd *sgetpwent (const char *); extern int putpwent (const struct passwd *, FILE *); -struct passwd *__pw_dup (const struct passwd *pwent) -{ - struct passwd *pw; - - if (!(pw = (struct passwd *) malloc (sizeof *pw))) - return NULL; - *pw = *pwent; - if (!(pw->pw_name = strdup (pwent->pw_name))) - return NULL; - if (!(pw->pw_passwd = strdup (pwent->pw_passwd))) - return NULL; - if (!(pw->pw_gecos = strdup (pwent->pw_gecos))) - return NULL; - if (!(pw->pw_dir = strdup (pwent->pw_dir))) - return NULL; - if (!(pw->pw_shell = strdup (pwent->pw_shell))) - return NULL; - return pw; -} - static void *passwd_dup (const void *ent) { const struct passwd *pw = ent; diff --git a/lib/pwmem.c b/lib/pwmem.c new file mode 100644 index 00000000..155c7e71 --- /dev/null +++ b/lib/pwmem.c @@ -0,0 +1,31 @@ + +#include + +#ident "$Id: pwio.c 1342 2007-11-10 23:46:11Z nekral-guest $" + +#include "prototypes.h" +#include "defines.h" +#include +#include +#include "pwio.h" + +struct passwd *__pw_dup (const struct passwd *pwent) +{ + struct passwd *pw; + + if (!(pw = (struct passwd *) malloc (sizeof *pw))) + return NULL; + *pw = *pwent; + if (!(pw->pw_name = strdup (pwent->pw_name))) + return NULL; + if (!(pw->pw_passwd = strdup (pwent->pw_passwd))) + return NULL; + if (!(pw->pw_gecos = strdup (pwent->pw_gecos))) + return NULL; + if (!(pw->pw_dir = strdup (pwent->pw_dir))) + return NULL; + if (!(pw->pw_shell = strdup (pwent->pw_shell))) + return NULL; + return pw; +} + diff --git a/lib/shadowio.c b/lib/shadowio.c index 604bdbf0..b7bd2e1b 100644 --- a/lib/shadowio.c +++ b/lib/shadowio.c @@ -11,19 +11,6 @@ #include #include "commonio.h" #include "shadowio.h" -struct spwd *__spw_dup (const struct spwd *spent) -{ - struct spwd *sp; - - if (!(sp = (struct spwd *) malloc (sizeof *sp))) - return NULL; - *sp = *spent; - if (!(sp->sp_namp = strdup (spent->sp_namp))) - return NULL; - if (!(sp->sp_pwdp = strdup (spent->sp_pwdp))) - return NULL; - return sp; -} static void *shadow_dup (const void *ent) { diff --git a/lib/shadowmem.c b/lib/shadowmem.c new file mode 100644 index 00000000..0df34df2 --- /dev/null +++ b/lib/shadowmem.c @@ -0,0 +1,27 @@ + +#include + +#ident "$Id: shadowio.c 1342 2007-11-10 23:46:11Z nekral-guest $" + +#include "prototypes.h" +#include "defines.h" +#ifdef HAVE_SHADOW_H +# include +#endif +#include +#include "shadowio.h" + +struct spwd *__spw_dup (const struct spwd *spent) +{ + struct spwd *sp; + + if (!(sp = (struct spwd *) malloc (sizeof *sp))) + return NULL; + *sp = *spent; + if (!(sp->sp_namp = strdup (spent->sp_namp))) + return NULL; + if (!(sp->sp_pwdp = strdup (spent->sp_pwdp))) + return NULL; + return sp; +} + diff --git a/libmisc/Makefile.am b/libmisc/Makefile.am index fbd9a7a7..dd36e755 100644 --- a/libmisc/Makefile.am +++ b/libmisc/Makefile.am @@ -1,5 +1,5 @@ -EXTRA_DIST = .indent.pro +EXTRA_DIST = .indent.pro xgetXXbyYY.c INCLUDES = -I$(top_srcdir)/lib @@ -49,4 +49,9 @@ libmisc_a_SOURCES = \ ulimit.c \ utmp.c \ valid.c \ + xgetpwnam.c \ + xgetpwuid.c \ + xgetgrnam.c \ + xgetgrgid.c \ + xgetspnam.c \ xmalloc.c diff --git a/libmisc/addgrps.c b/libmisc/addgrps.c index f7d16a4a..1bf02e61 100644 --- a/libmisc/addgrps.c +++ b/libmisc/addgrps.c @@ -21,7 +21,6 @@ int add_groups (const char *list) { GETGROUPS_T *grouplist, *tmp; int i, ngroups, added; - struct group *grp; char *token; char buf[1024]; @@ -50,8 +49,9 @@ int add_groups (const char *list) added = 0; for (token = strtok (buf, SEP); token; token = strtok (NULL, SEP)) { + struct group *grp; - grp = getgrnam (token); + grp = getgrnam (token); /* local, no need for xgetgrnam */ if (!grp) { fprintf (stderr, _("Warning: unknown group %s\n"), token); diff --git a/libmisc/chowntty.c b/libmisc/chowntty.c index 38eec3fc..88361f46 100644 --- a/libmisc/chowntty.c +++ b/libmisc/chowntty.c @@ -77,7 +77,7 @@ void chown_tty (const char *tty, const struct passwd *info) gid = info->pw_gid; else if (group[0] >= '0' && group[0] <= '9') gid = atoi (group); - else if ((grent = getgrnam (group))) + else if ((grent = getgrnam (group))) /* local, no need for xgetgrnam */ gid = grent->gr_gid; else gid = info->pw_gid; diff --git a/libmisc/entry.c b/libmisc/entry.c index 736a43ff..5b95eba1 100644 --- a/libmisc/entry.c +++ b/libmisc/entry.c @@ -43,7 +43,7 @@ void pw_entry (const char *name, struct passwd *pwent) struct spwd *spwd; - if (!(passwd = getpwnam (name))) { + if (!(passwd = getpwnam (name))) { /* local, no need for xgetpwnam */ pwent->pw_name = (char *) 0; return; } else { @@ -55,6 +55,7 @@ void pw_entry (const char *name, struct passwd *pwent) pwent->pw_shell = xstrdup (passwd->pw_shell); #if !defined(AUTOSHADOW) setspent (); + /* local, no need for xgetspnam */ if ((spwd = getspnam (name))) { pwent->pw_passwd = xstrdup (spwd->sp_pwdp); endspent (); diff --git a/libmisc/limits.c b/libmisc/limits.c index 955ee390..80c23f77 100644 --- a/libmisc/limits.c +++ b/libmisc/limits.c @@ -377,6 +377,7 @@ static void setup_usergroups (const struct passwd *info) * (examples: 022 -> 002, 077 -> 007). */ if (info->pw_uid != 0 && info->pw_uid == info->pw_gid) { + /* local, no need for xgetgrgid */ grp = getgrgid (info->pw_gid); if (grp && (strcmp (info->pw_name, grp->gr_name) == 0)) { oldmask = umask (0777); diff --git a/libmisc/myname.c b/libmisc/myname.c index 3efbb580..fac2345a 100644 --- a/libmisc/myname.c +++ b/libmisc/myname.c @@ -31,8 +31,9 @@ struct passwd *get_my_pwent (void) * XXX - when running from su, will return the current user (not * the original user, like getlogin() does). Does this matter? */ - if (cp && *cp && (pw = getpwnam (cp)) && pw->pw_uid == ruid) + if (cp && *cp && (pw = xgetpwnam (cp)) && pw->pw_uid == ruid) return pw; - return getpwuid (ruid); + return xgetpwuid (ruid); } + diff --git a/libmisc/pwdcheck.c b/libmisc/pwdcheck.c index 3c9f5ff1..7cef447d 100644 --- a/libmisc/pwdcheck.c +++ b/libmisc/pwdcheck.c @@ -46,7 +46,7 @@ void passwd_check (const char *user, const char *passwd, const char *progname) struct spwd *sp; - if ((sp = getspnam (user))) + if ((sp = getspnam (user))) /* !USE_PAM, no need for xgetspnam */ passwd = sp->sp_pwdp; endspent (); if (pw_auth (passwd, user, PW_LOGIN, (char *) 0) != 0) { diff --git a/libmisc/rlogin.c b/libmisc/rlogin.c index 4077b7ba..e89934fd 100644 --- a/libmisc/rlogin.c +++ b/libmisc/rlogin.c @@ -162,7 +162,7 @@ do_rlogin (const char *remote_host, char *name, int namelen, char *term, #endif STTY (0, &termio); - if (!(pwd = getpwnam (name))) + if (!(pwd = getpwnam (name))) /* local, no need for xgetpwnam */ return 0; /* diff --git a/libmisc/xgetXXbyYY.c b/libmisc/xgetXXbyYY.c new file mode 100644 index 00000000..fe2454f1 --- /dev/null +++ b/libmisc/xgetXXbyYY.c @@ -0,0 +1,109 @@ +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provide wrapper to the getpwnam or getpwnam_r functions. + */ + +#include +#include +#include +#include "config.h" +#include "prototypes.h" + +#define XFUNCTION_NAME XPREFIX (FUNCTION_NAME) +#define XPREFIX(name) XPREFIX1 (name) +#define XPREFIX1(name) x##name +#define REENTRANT_NAME APPEND_R (FUNCTION_NAME) +#define APPEND_R(name) APPEND_R1 (name) +#define APPEND_R1(name) name##_r +#define STRINGIZE(name) STRINGIZE1 (name) +#define STRINGIZE1(name) #name + +LOOKUP_TYPE *XFUNCTION_NAME (ARG_TYPE ARG_NAME) +{ +#if HAVE_FUNCTION_R + LOOKUP_TYPE *result=NULL; + char *buffer=NULL; + /* we have to start with something */ + size_t length = 0x100; + + result = malloc(sizeof(LOOKUP_TYPE)); + if (NULL == result) { + fprintf (stderr, _("%s: out of memory\n"), + "x" STRINGIZE(FUNCTION_NAME)); + exit (13); + } + + do { + int status; + LOOKUP_TYPE *resbuf = NULL; + buffer = (char *)realloc (buffer, length); + if (NULL == buffer) { + fprintf (stderr, _("%s: out of memory\n"), + "x" STRINGIZE(FUNCTION_NAME)); + exit (13); + } + errno = 0; + status = REENTRANT_NAME(ARG_NAME, result, buffer, + length, &resbuf); + if (!status && (resbuf == result)) { + /* Build a result structure that can be freed by + * the shadow *_free functions. */ + LOOKUP_TYPE *ret_result = DUP_FUNCTION(result); + free(buffer); + free(result); + return ret_result; + } + + if (ERANGE != errno) { + free (buffer); + free (result); + return NULL; + } + + length *= 4; + } while (length < MAX_LENGTH); + + free(buffer); + free(result); + return NULL; + +#else /* !HAVE_FUNCTION_R */ + + /* No reentrant function. + * Duplicate the structure to avoid other call to overwrite it. + * + * We should also restore the initial structure. But that would be + * overkill. + */ + LOOKUP_TYPE *result = FUNCTION_NAME(ARG_NAME); + + if (result) { +// result = DUP_FUNCTION(result); + if (NULL == result) { + fprintf (stderr, _("%s: out of memory\n"), + "x" STRINGIZE(FUNCTION_NAME)); + exit (13); + } + } + + return result; +#endif +} + diff --git a/libmisc/xgetgrgid.c b/libmisc/xgetgrgid.c new file mode 100644 index 00000000..52c8ee93 --- /dev/null +++ b/libmisc/xgetgrgid.c @@ -0,0 +1,34 @@ +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provide wrapper to the getpwnam or getpwnam_r functions. + */ + +#include "groupio.h" + +#define LOOKUP_TYPE struct group +#define FUNCTION_NAME getgrgid +#define ARG_TYPE gid_t +#define ARG_NAME gid +#define DUP_FUNCTION __gr_dup +#define MAX_LENGTH 0x8000 +#define HAVE_FUNCTION_R (defined HAVE_GETGRGID_R) + +#include "xgetXXbyYY.c" + diff --git a/libmisc/xgetgrnam.c b/libmisc/xgetgrnam.c new file mode 100644 index 00000000..3fe922e5 --- /dev/null +++ b/libmisc/xgetgrnam.c @@ -0,0 +1,34 @@ +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provide wrapper to the getpwnam or getpwnam_r functions. + */ + +#include "groupio.h" + +#define LOOKUP_TYPE struct group +#define FUNCTION_NAME getgrnam +#define ARG_TYPE const char * +#define ARG_NAME name +#define DUP_FUNCTION __gr_dup +#define MAX_LENGTH 0x8000 +#define HAVE_FUNCTION_R (defined HAVE_GETGRNAM_R) + +#include "xgetXXbyYY.c" + diff --git a/libmisc/xgetpwnam.c b/libmisc/xgetpwnam.c new file mode 100644 index 00000000..e2f58ba5 --- /dev/null +++ b/libmisc/xgetpwnam.c @@ -0,0 +1,34 @@ +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provide wrapper to the getpwnam or getpwnam_r functions. + */ + +#include "pwio.h" + +#define LOOKUP_TYPE struct passwd +#define FUNCTION_NAME getpwnam +#define ARG_TYPE const char * +#define ARG_NAME name +#define DUP_FUNCTION __pw_dup +#define MAX_LENGTH 0x8000 +#define HAVE_FUNCTION_R (defined HAVE_GETPWNAM_R) + +#include "xgetXXbyYY.c" + diff --git a/libmisc/xgetpwuid.c b/libmisc/xgetpwuid.c new file mode 100644 index 00000000..01ef78d7 --- /dev/null +++ b/libmisc/xgetpwuid.c @@ -0,0 +1,34 @@ +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provide wrapper to the getpwnam or getpwnam_r functions. + */ + +#include "pwio.h" + +#define LOOKUP_TYPE struct passwd +#define FUNCTION_NAME getpwuid +#define ARG_TYPE uid_t +#define ARG_NAME uid +#define DUP_FUNCTION __pw_dup +#define MAX_LENGTH 0x8000 +#define HAVE_FUNCTION_R (defined HAVE_GETPWUID_R) + +#include "xgetXXbyYY.c" + diff --git a/libmisc/xgetspnam.c b/libmisc/xgetspnam.c new file mode 100644 index 00000000..b394ef06 --- /dev/null +++ b/libmisc/xgetspnam.c @@ -0,0 +1,32 @@ +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provide wrapper to the getpwnam or getpwnam_r functions. + */ + +#define LOOKUP_TYPE struct spwd +#define FUNCTION_NAME getspnam +#define ARG_TYPE const char * +#define ARG_NAME name +#define DUP_FUNCTION __spw_dup +#define MAX_LENGTH 0x8000 +#define HAVE_FUNCTION_R (defined HAVE_GETSPNAM_R) + +#include "xgetXXbyYY.c" + diff --git a/src/chage.c b/src/chage.c index 99791c8b..c171eb27 100644 --- a/src/chage.c +++ b/src/chage.c @@ -330,7 +330,6 @@ int main (int argc, char **argv) #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -454,13 +453,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("chage", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("chage", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { diff --git a/src/chfn.c b/src/chfn.c index 88459c7e..68118065 100644 --- a/src/chfn.c +++ b/src/chfn.c @@ -229,7 +229,6 @@ int main (int argc, char **argv) #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -317,7 +316,7 @@ int main (int argc, char **argv) */ if (optind < argc) { user = argv[optind]; - pw = getpwnam (user); + pw = xgetpwnam (user); if (!pw) { fprintf (stderr, _("%s: unknown user %s\n"), Prog, user); @@ -394,13 +393,17 @@ int main (int argc, char **argv) #else /* !USE_PAM */ retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("chfn", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("chfn", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { diff --git a/src/chgpasswd.c b/src/chgpasswd.c index e9c24f56..185d7ad0 100644 --- a/src/chgpasswd.c +++ b/src/chgpasswd.c @@ -95,7 +95,6 @@ int main (int argc, char **argv) #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif #ifndef SHADOWGRP @@ -144,13 +143,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("chpasswd", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { diff --git a/src/chpasswd.c b/src/chpasswd.c index c6bea656..c8b00607 100644 --- a/src/chpasswd.c +++ b/src/chpasswd.c @@ -92,7 +92,6 @@ int main (int argc, char **argv) #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -138,13 +137,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("chpasswd", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { diff --git a/src/chsh.c b/src/chsh.c index 4019f0a5..931de15d 100644 --- a/src/chsh.c +++ b/src/chsh.c @@ -182,7 +182,6 @@ int main (int argc, char **argv) #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -248,7 +247,7 @@ int main (int argc, char **argv) */ if (optind < argc) { user = argv[optind]; - pw = getpwnam (user); + pw = xgetpwnam (user); if (!pw) { fprintf (stderr, _("%s: unknown user %s\n"), Prog, user); @@ -341,13 +340,17 @@ int main (int argc, char **argv) #else /* !USE_PAM */ retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("chsh", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("chsh", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { diff --git a/src/expiry.c b/src/expiry.c index b53cfe08..f1aeb1db 100644 --- a/src/expiry.c +++ b/src/expiry.c @@ -61,7 +61,7 @@ static void usage (void) /* * expiry - check and enforce password expiration policy * - * expiry checks (-c) the current password expiraction and forces (-f) + * expiry checks (-c) the current password expiration and forces (-f) * changes when required. It is callable as a normal user command. */ int main (int argc, char **argv) @@ -101,7 +101,7 @@ int main (int argc, char **argv) fprintf (stderr, _("%s: unknown user\n"), Prog); exit (10); } - spwd = getspnam (pwd->pw_name); + spwd = getspnam (pwd->pw_name); /* !USE_PAM, No need for xgetspnam */ /* * If checking accounts, use agecheck() function. diff --git a/src/faillog.c b/src/faillog.c index b64ef385..91ce58b3 100644 --- a/src/faillog.c +++ b/src/faillog.c @@ -93,7 +93,7 @@ static void print_one (const struct faillog *fl, uid_t uid) ("Login Failures Maximum Latest On\n")); once++; } - pwent = getpwuid (uid); + pwent = getpwuid (uid); /* local, no need for xgetpwuid */ time (&now); tm = localtime (&fl->fail_time); #ifdef HAVE_STRFTIME @@ -291,7 +291,6 @@ static void set_locktime (long locktime) int main (int argc, char **argv) { int anyflag = 0; - struct passwd *pwent; setlocale (LC_ALL, ""); bindtextdomain (PACKAGE, LOCALEDIR); @@ -350,9 +349,12 @@ int main (int argc, char **argv) tflg++; break; case 'u': + { + struct passwd *pwent; if (aflg) usage (); + /* local, no need for xgetpwnam */ pwent = getpwnam (optarg); if (!pwent) { fprintf (stderr, @@ -363,6 +365,7 @@ int main (int argc, char **argv) uflg++; user = pwent->pw_uid; break; + } default: usage (); } diff --git a/src/gpasswd.c b/src/gpasswd.c index f370c244..f8f6832d 100644 --- a/src/gpasswd.c +++ b/src/gpasswd.c @@ -140,7 +140,7 @@ static int check_list (const char *users) * This user must exist. */ - if (!getpwnam (username)) { + if (!getpwnam (username)) { /* local, no need for xgetpwnam */ fprintf (stderr, _("%s: unknown user %s\n"), Prog, username); errors++; @@ -217,6 +217,7 @@ int main (int argc, char **argv) switch (flag) { case 'a': /* add a user */ user = optarg; + /* local, no need for xgetpwnam */ if (!getpwnam (user)) { fprintf (stderr, _("%s: unknown user %s\n"), Prog, @@ -320,7 +321,7 @@ int main (int argc, char **argv) if (!(group = argv[optind])) usage (); - if (!(gr = getgrnam (group))) { + if (!(gr = getgrnam (group))) { /* dup, no need for xgetgrnam */ fprintf (stderr, _("unknown group: %s\n"), group); #ifdef WITH_AUDIT audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "group lookup", group, diff --git a/src/groupadd.c b/src/groupadd.c index 9e8cffcc..b4d05235 100644 --- a/src/groupadd.c +++ b/src/groupadd.c @@ -259,6 +259,7 @@ static void find_new_gid (void) if (!grp) break; #else + /* local, no need for xgetgrgid */ if (!getgrgid (group_id)) break; #endif @@ -395,7 +396,6 @@ int main (int argc, char **argv) { #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -490,13 +490,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("groupadd", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("groupadd", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { @@ -526,7 +530,7 @@ int main (int argc, char **argv) /* * Start with a quick check to see if the group exists. */ - if (getgrnam (group_name)) { + if (getgrnam (group_name)) { /* local, no need for xgetgrnam */ if (fflg) { exit (E_SUCCESS); } diff --git a/src/groupdel.c b/src/groupdel.c index 25e641f0..f89f7066 100644 --- a/src/groupdel.c +++ b/src/groupdel.c @@ -188,7 +188,7 @@ static void group_busy (gid_t gid) endpwent (); /* - * If pwd isn't NULL, it stopped becaues the gid's matched. + * If pwd isn't NULL, it stopped because the gid's matched. */ if (pwd == (struct passwd *) 0) @@ -213,11 +213,8 @@ static void group_busy (gid_t gid) int main (int argc, char **argv) { - struct group *grp; - #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -245,13 +242,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("groupdel", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("groupdel", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { @@ -278,20 +279,25 @@ int main (int argc, char **argv) is_shadow_grp = sgr_file_present (); #endif - /* - * Start with a quick check to see if the group exists. - */ - if (!(grp = getgrnam (group_name))) { - fprintf (stderr, _("%s: group %s does not exist\n"), - Prog, group_name); + { + struct group *grp; + /* + * Start with a quick check to see if the group exists. + */ + /* local, no need for xgetgrnam */ + if (!(grp = getgrnam (group_name))) { + fprintf (stderr, _("%s: group %s does not exist\n"), + Prog, group_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "deleting group", - group_name, -1, 0); + audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + "deleting group", + group_name, -1, 0); #endif - exit (E_NOTFOUND); - } + exit (E_NOTFOUND); + } - group_id = grp->gr_gid; /* LAUS */ + group_id = grp->gr_gid; /* LAUS */ + } #ifdef USE_NIS /* @@ -321,7 +327,7 @@ int main (int argc, char **argv) * Now check to insure that this isn't the primary group of * anyone. */ - group_busy (grp->gr_gid); + group_busy (group_id); /* * Do the hard stuff - open the files, delete the group entries, diff --git a/src/groupmems.c b/src/groupmems.c index 69ac54cb..97252e9d 100644 --- a/src/groupmems.c +++ b/src/groupmems.c @@ -76,14 +76,16 @@ static int isroot (void) static int isgroup (void) { gid_t g = getgid (); - struct group *grp = getgrgid (g); + struct group *grp = getgrgid (g); /* local, no need for xgetgrgid */ return TRUE; } static char *whoami (void) { + /* local, no need for xgetgrgid */ struct group *grp = getgrgid (getgid ()); + /* local, no need for xgetpwuid */ struct passwd *usr = getpwuid (getuid ()); if (0 == strcmp (usr->pw_name, grp->gr_name)) { @@ -173,7 +175,6 @@ int main (int argc, char **argv) #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -239,13 +240,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("groupmod", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("groupmod", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { diff --git a/src/groupmod.c b/src/groupmod.c index 78c9f7ef..ce3d3bd9 100644 --- a/src/groupmod.c +++ b/src/groupmod.c @@ -73,7 +73,7 @@ static gid_t group_newid; static char *Prog; static int - oflg = 0, /* permit non-unique group ID to be specified with -g */ + oflg = 0, /* permit non-unique group ID to be specified with -g */ gflg = 0, /* new ID value for the group */ nflg = 0; /* a new name has been specified for the group */ @@ -257,7 +257,7 @@ static void check_new_gid (void) return; } - if (oflg || !getgrgid (group_newid)) + if (oflg || !getgrgid (group_newid)) /* local, no need for xgetgrgid */ return; /* @@ -292,6 +292,7 @@ static void check_new_name (void) /* * If the entry is found, too bad. */ + /* local, no need for xgetgrnam */ if (getgrnam (group_newname)) { fprintf (stderr, _("%s: %s is not a unique name\n"), Prog, @@ -457,11 +458,8 @@ static void open_files (void) */ int main (int argc, char **argv) { - struct group *grp; - #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -485,13 +483,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("groupmod", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("groupmod", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { @@ -517,19 +519,23 @@ int main (int argc, char **argv) #ifdef SHADOWGRP is_shadow_grp = sgr_file_present (); #endif - /* - * Start with a quick check to see if the group exists. - */ - if (!(grp = getgrnam (group_name))) { - fprintf (stderr, _("%s: group %s does not exist\n"), - Prog, group_name); + { + struct group *grp; + /* + * Start with a quick check to see if the group exists. + */ + /* local, no need for xgetgrnam */ + if (!(grp = getgrnam (group_name))) { + fprintf (stderr, _("%s: group %s does not exist\n"), + Prog, group_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "modifying group", - group_name, -1, 0); + audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + "modifying group", group_name, -1, 0); #endif - exit (E_NOTFOUND); - } else - group_id = grp->gr_gid; + exit (E_NOTFOUND); + } else + group_id = grp->gr_gid; + } #ifdef WITH_AUDIT /* Set new name/id to original if not specified on command line */ diff --git a/src/groups.c b/src/groups.c index 14c0a7d7..53fdfb7d 100644 --- a/src/groups.c +++ b/src/groups.c @@ -59,6 +59,7 @@ static void print_groups (const char *member) setgrent (); + /* local, no need for xgetpwnam */ if ((pwd = getpwnam (member)) == 0) { fprintf (stderr, _("%s: unknown user %s\n"), Prog, member); exit (1); @@ -73,6 +74,7 @@ static void print_groups (const char *member) flag = 1; } } + /* local, no need for xgetgrgid */ if (!flag && (grp = getgrgid (pwd->pw_gid))) { if (groups++) putchar (' '); @@ -95,7 +97,6 @@ int main (int argc, char **argv) GETGROUPS_T *groups; int pri_grp; int i; - struct group *gr; #else char *logname; char *getlogin (); @@ -150,6 +151,8 @@ int main (int argc, char **argv) * values. */ if (pri_grp != -1) { + struct group *gr; + /* local, no need for xgetgrgid */ if ((gr = getgrgid (pri_grp))) printf ("%s", gr->gr_name); else @@ -157,9 +160,11 @@ int main (int argc, char **argv) } for (i = 0; i < ngroups; i++) { + struct group *gr; if (i || pri_grp != -1) putchar (' '); + /* local, no need for xgetgrgid */ if ((gr = getgrgid (groups[i]))) printf ("%s", gr->gr_name); else diff --git a/src/grpck.c b/src/grpck.c index 0dc2adec..1b761598 100644 --- a/src/grpck.c +++ b/src/grpck.c @@ -377,6 +377,7 @@ int main (int argc, char **argv) * Make sure each member exists */ for (i = 0; grp->gr_mem[i]; i++) { + /* local, no need for xgetpwnam */ if (getpwnam (grp->gr_mem[i])) continue; /* @@ -597,6 +598,7 @@ int main (int argc, char **argv) * Make sure each administrator exists */ for (i = 0; sgr->sg_adm[i]; i++) { + /* local, no need for xgetpwnam */ if (getpwnam (sgr->sg_adm[i])) continue; /* @@ -626,6 +628,7 @@ int main (int argc, char **argv) * Make sure each member exists */ for (i = 0; sgr->sg_mem[i]; i++) { + /* local, no need for xgetpwnam */ if (getpwnam (sgr->sg_mem[i])) continue; diff --git a/src/id.c b/src/id.c index a2f06ab5..d26d2a63 100644 --- a/src/id.c +++ b/src/id.c @@ -118,13 +118,13 @@ static void usage (void) * does not exist, just give the numerical value. */ - pw = getpwuid (ruid); + pw = getpwuid (ruid); /* local, no need for xgetpwuid */ if (pw) printf ("UID=%u(%s)", ruid, pw->pw_name); else printf ("UID=%u", ruid); - gr = getgrgid (rgid); + gr = getgrgid (rgid);; /* local, no need for xgetgrgid */ if (gr) printf (" GID=%u(%s)", rgid, gr->gr_name); else @@ -136,14 +136,14 @@ static void usage (void) */ if (ruid != euid) { - pw = getpwuid (euid); + pw = getpwuid (euid); /* local, no need for xgetpwuid */ if (pw) printf (" EUID=%u(%s)", euid, pw->pw_name); else printf (" EUID=%u", euid); } if (rgid != egid) { - gr = getgrgid (egid); + gr = getgrgid (egid); /* local, no need for xgetgrgid */ if (gr) printf (" EGID=%u(%s)", egid, gr->gr_name); else @@ -169,6 +169,7 @@ static void usage (void) if (i) putchar (','); + /* local, no need for xgetgrgid */ gr = getgrgid (groups[i]); if (gr) printf ("%u(%s)", groups[i], gr->gr_name); diff --git a/src/lastlog.c b/src/lastlog.c index d3dbc88c..a78f1b0e 100644 --- a/src/lastlog.c +++ b/src/lastlog.c @@ -199,7 +199,7 @@ int main (int argc, char **argv) bflg++; break; case 'u': - pwent = getpwnam (optarg); + pwent = xgetpwnam (optarg); if (!pwent) { fprintf (stderr, _("Unknown User: %s\n"), diff --git a/src/login_nopam.c b/src/login_nopam.c index f35f7541..720a55e0 100644 --- a/src/login_nopam.c +++ b/src/login_nopam.c @@ -222,6 +222,7 @@ static int user_match (const char *tok, const char *string) #endif } else if (string_match (tok, string)) { /* ALL or exact match */ return (YES); + /* local, no need for xgetgrnam */ } else if ((group = getgrnam (tok))) { /* try group membership */ for (i = 0; group->gr_mem[i]; i++) if (strcasecmp (string, group->gr_mem[i]) == 0) @@ -235,6 +236,7 @@ static int user_match (const char *tok, const char *string) * XXX - disabled by default for now. Need to verify that * getpwnam() doesn't have some nasty side effects. --marekm */ + /* local, no need for xgetpwnam */ if ((userinf = getpwnam (string))) if (userinf->pw_gid == group->gr_gid) return (YES); diff --git a/src/newgrp.c b/src/newgrp.c index 26c9dc25..089bb2f2 100644 --- a/src/newgrp.c +++ b/src/newgrp.c @@ -240,7 +240,7 @@ int main (int argc, char **argv) * Perhaps in the past, but the default behavior now depends on the * group entry, so it had better exist. -- JWP */ - if (!(grp = getgrgid (pwd->pw_gid))) { + if (!(grp = xgetgrgid (pwd->pw_gid))) { fprintf (stderr, _("unknown GID: %lu\n"), (unsigned long) pwd->pw_gid); SYSLOG ((LOG_CRIT, "unknown GID: %lu", @@ -319,7 +319,7 @@ int main (int argc, char **argv) * including the user's name in the member list of the user's login * group. -- JWP */ - if (!(grp = getgrnam (group))) { + if (!(grp = getgrnam (group))) { /* local, no need for xgetgrnam */ fprintf (stderr, _("unknown group: %s\n"), group); goto failure; } @@ -338,7 +338,7 @@ int main (int argc, char **argv) * * Re-read the group entry for further processing. */ - grp = getgrnam (group); + grp = xgetgrnam (group); } #ifdef SHADOWGRP if ((sgrp = getsgnam (group))) { @@ -364,7 +364,7 @@ int main (int argc, char **argv) * password, and the group has a password, she needs to give the * group password. */ - if ((spwd = getspnam (name))) + if ((spwd = xgetspnam (name))) pwd->pw_passwd = spwd->sp_pwdp; if (pwd->pw_passwd[0] == '\0' && grp->gr_passwd[0]) @@ -480,6 +480,7 @@ int main (int argc, char **argv) } } while ((pid == child && WIFSTOPPED (cst)) || (pid != child && errno == EINTR)); + /* local, no need for xgetgrgid */ SYSLOG ((LOG_INFO, "user `%s' (login `%s' on %s) returned to group `%s'", name, loginname, tty, diff --git a/src/newusers.c b/src/newusers.c index 6e9a6942..f2885902 100644 --- a/src/newusers.c +++ b/src/newusers.c @@ -289,7 +289,6 @@ int main (int argc, char **argv) #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -305,13 +304,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("newusers", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("newusers", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { diff --git a/src/passwd.c b/src/passwd.c index 30e3e9b4..8775e87c 100644 --- a/src/passwd.c +++ b/src/passwd.c @@ -399,7 +399,7 @@ static void print_status (const struct passwd *pw) { struct spwd *sp; - sp = getspnam (pw->pw_name); + sp = getspnam (pw->pw_name); /* local, no need for xgetspnam */ if (sp) { printf ("%s %s %s %ld %ld %ld %ld\n", pw->pw_name, @@ -803,7 +803,7 @@ int main (int argc, char **argv) exit (E_NOPERM); } - pw = getpwnam (name); + pw = xgetpwnam (name); if (!pw) { fprintf (stderr, _("%s: unknown user %s\n"), Prog, name); exit (E_NOPERM); @@ -843,7 +843,7 @@ int main (int argc, char **argv) /* * The user name is valid, so let's get the shadow file entry. */ - sp = getspnam (name); + sp = getspnam (name); /* !USE_PAM, no need for xgetspnam */ if (!sp) sp = pwd_to_spwd (pw); diff --git a/src/pwck.c b/src/pwck.c index 758e8e89..5fdf79b4 100644 --- a/src/pwck.c +++ b/src/pwck.c @@ -331,6 +331,7 @@ int main (int argc, char **argv) /* * Make sure the primary group exists */ + /* local, no need for xgetgrgid */ if (!quiet && !getgrgid (pwd->pw_gid)) { /* diff --git a/src/su.c b/src/su.c index 2568f101..a9e732bc 100644 --- a/src/su.c +++ b/src/su.c @@ -125,7 +125,7 @@ static int iswheel (const char *username) { struct group *grp; - grp = getgrnam ("wheel");; + grp = getgrnam ("wheel"); /* !USE_PAM, no need for xgetgrnam */ if (!grp || !grp->gr_mem) return 0; return is_on_list (grp->gr_mem, username); @@ -472,7 +472,7 @@ int main (int argc, char **argv) * Sort out the password of user calling su, in case needed later * -- chris */ - if ((spwd = getspnam (oldname))) + if ((spwd = getspnam (oldname))) /* !USE_PAM, no need for xgetspnam */ pw->pw_passwd = spwd->sp_pwdp; oldpass = xstrdup (pw->pw_passwd); #endif /* SU_ACCESS */ @@ -507,7 +507,7 @@ int main (int argc, char **argv) * The password file entries for the user is gotten and the account * validated. */ - if (!(pw = getpwnam (name))) { + if (!(pw = xgetpwnam (name))) { (void) fprintf (stderr, _("Unknown id: %s\n"), name); closelog (); exit (1); @@ -515,7 +515,7 @@ int main (int argc, char **argv) #ifndef USE_PAM spwd = NULL; if (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0 - && (spwd = getspnam (name))) + && (spwd = getspnam (name))) /* !USE_PAM, no need for xgetspnam */ pw->pw_passwd = spwd->sp_pwdp; #endif /* !USE_PAM */ pwent = *pw; @@ -696,8 +696,10 @@ int main (int argc, char **argv) spwd = pwd_to_spwd (&pwent); if (expire (&pwent, spwd)) { + /* !USE_PAM, no need for xgetpwnam */ struct passwd *pwd = getpwnam (name); + /* !USE_PAM, no need for xgetspnam */ spwd = getspnam (name); if (pwd) pwent = *pwd; diff --git a/src/suauth.c b/src/suauth.c index 824daf6e..21f2a4e9 100644 --- a/src/suauth.c +++ b/src/suauth.c @@ -201,7 +201,7 @@ int isgrp (const char *name, const char *group) { struct group *grp; - grp = getgrnam (group); + grp = getgrnam (group); /* local, no need for xgetgrnam */ if (!grp || !grp->gr_mem) return 0; diff --git a/src/useradd.c b/src/useradd.c index 8d1d0963..f539f7fe 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -205,8 +205,8 @@ static struct group *getgr_nam_gid (const char *grname) gid = strtol (grname, &errptr, 10); if (*grname != '\0' && *errptr == '\0' && errno != ERANGE && gid >= 0) - return getgrgid (gid); - return getgrnam (grname); + return xgetgrgid (gid); + return xgetgrnam (grname); } static long get_number (const char *numstr) @@ -252,7 +252,6 @@ static void get_defaults (void) FILE *fp; char buf[1024]; char *cp, *ep; - const struct group *grp; /* * Open the defaults file for reading. @@ -279,9 +278,11 @@ static void get_defaults (void) */ if (MATCH (buf, DGROUP)) { unsigned int val = (unsigned int) strtoul (cp, &ep, 10); + const struct group *grp; - if (*cp != '\0' && *ep == '\0') { /* valid number */ + if (*cp != '\0' && *ep == '\0') { /* valid number */ def_group = val; + /* local, no need for xgetgrgid */ if ((grp = getgrgid (def_group))) { def_gname = xstrdup (grp->gr_name); } else { @@ -289,6 +290,7 @@ static void get_defaults (void) _("%s: unknown GID %s\n"), Prog, cp); } + /* local, no need for xgetgrnam */ } else if ((grp = getgrnam (cp))) { def_group = grp->gr_gid; def_gname = xstrdup (cp); @@ -837,7 +839,7 @@ static void find_new_uid (void) #ifdef NO_GETPWENT pw_rewind (); while ((pwd = pw_next ())) { -#else /* using getpwent() we can check against NIS users etc. */ +#else /* using getpwent() we can check against NIS users etc. */ setpwent (); while ((pwd = getpwent ())) { #endif @@ -881,6 +883,7 @@ static void find_new_uid (void) if (!pwd) break; #else + /* local, no need for xgetpwuid */ if (!getpwuid (user_id)) break; #endif @@ -940,7 +943,7 @@ static void find_new_gid () #ifndef NO_GETGRENT /* glibc does have this, so ... */ /* A quick test gets here: if the UID is available * as a GID, go ahead and use it */ - if (!getgrgid (user_id)) { + if (!getgrgid (user_id)) { /* local, no need for xgetgrgid */ user_gid = user_id; return; } @@ -953,6 +956,7 @@ static void find_new_gid () if (!grp) break; #else + /* local, no need for xgetgrgid */ if (!getgrgid (user_gid)) break; #endif @@ -1497,6 +1501,7 @@ static void usr_update (void) * no user with this UID exists yet (entries for shared UIDs * are left unchanged). --marekm */ + /* local, no need for xgetpwuid */ if (!getpwuid (user_id)) { faillog_reset (user_id); lastlog_reset (user_id); @@ -1596,7 +1601,7 @@ static void create_mail (void) return; } - gr = getgrnam ("mail"); + gr = getgrnam ("mail"); /* local, no need for xgetgrnam */ if (!gr) { fprintf (stderr, _ @@ -1622,7 +1627,6 @@ int main (int argc, char **argv) { #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -1661,13 +1665,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("useradd", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("useradd", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { @@ -1705,7 +1713,7 @@ int main (int argc, char **argv) /* * Start with a quick check to see if the user exists. */ - if (getpwnam (user_name)) { + if (getpwnam (user_name)) { /* local, no need for xgetpwnam */ fprintf (stderr, _("%s: user %s exists\n"), Prog, user_name); #ifdef WITH_AUDIT audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "adding user", @@ -1721,7 +1729,7 @@ int main (int argc, char **argv) * --bero */ if (!gflg) { - if (getgrnam (user_name)) { + if (getgrnam (user_name)) { /* local, no need for xgetgrnam */ fprintf (stderr, _ ("%s: group %s exists - if you want to add this user to that group, use -g.\n"), diff --git a/src/userdel.c b/src/userdel.c index 9abaa283..51b70dd3 100644 --- a/src/userdel.c +++ b/src/userdel.c @@ -179,7 +179,7 @@ static void update_groups (void) * now if they have a group with the same name as their * user name, with no members, we delete it. */ - grp = getgrnam (user_name); + grp = xgetgrnam (user_name); if (grp && getdef_bool ("USERGROUPS_ENAB") && (grp->gr_mem[0] == NULL)) { @@ -608,12 +608,10 @@ static void remove_mailbox (void) */ int main (int argc, char **argv) { - struct passwd *pwd; int errors = 0; #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -663,13 +661,19 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } - if (retval == PAM_SUCCESS) - retval = pam_start ("userdel", pampw->pw_name, &conv, &pamh); + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } + + if (retval == PAM_SUCCESS) { + retval = pam_start ("userdel", pampw->pw_name, + &conv, &pamh); + } + } if (retval == PAM_SUCCESS) { retval = pam_authenticate (pamh, 0); @@ -698,14 +702,20 @@ int main (int argc, char **argv) * Start with a quick check to see if the user exists. */ user_name = argv[argc - 1]; - if (!(pwd = getpwnam (user_name))) { - fprintf (stderr, _("%s: user %s does not exist\n"), - Prog, user_name); + { + struct passwd *pwd; + /* local, no need for xgetpwnam */ + if (!(pwd = getpwnam (user_name))) { + fprintf (stderr, _("%s: user %s does not exist\n"), + Prog, user_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, - "deleting user not found", user_name, -1, 0); + audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + "deleting user not found", user_name, -1, 0); #endif - exit (E_NOTFOUND); + exit (E_NOTFOUND); + } + user_id = pwd->pw_uid; + user_home = xstrdup (pwd->pw_dir); } #ifdef USE_NIS @@ -727,8 +737,6 @@ int main (int argc, char **argv) exit (E_NOTFOUND); } #endif - user_id = pwd->pw_uid; - user_home = xstrdup (pwd->pw_dir); /* * Check to make certain the user isn't logged in. */ @@ -755,6 +763,7 @@ int main (int argc, char **argv) #ifdef EXTRA_CHECK_HOME_DIR /* This may be slow, the above should be good enough. */ if (rflg && !fflg) { + struct passwd *pwd; /* * For safety, refuse to remove the home directory if it * would result in removing some other user's home diff --git a/src/usermod.c b/src/usermod.c index 074b3e37..2b3bc6d3 100644 --- a/src/usermod.c +++ b/src/usermod.c @@ -174,8 +174,8 @@ static struct group *getgr_nam_gid (const char *grname) val = strtol (grname, &errptr, 10); if (*grname != '\0' && *errptr == '\0' && errno != ERANGE && val >= 0) - return getgrgid (val); - return getgrnam (grname); + return xgetgrgid (val); + return xgetgrnam (grname); } /* @@ -805,26 +805,28 @@ static uid_t get_id (const char *uidstr) static void process_flags (int argc, char **argv) { const struct group *grp; - const struct passwd *pwd; - const struct spwd *spwd = NULL; int anyflag = 0; if (argc == 1 || argv[argc - 1][0] == '-') usage (); - if (!(pwd = getpwnam (argv[argc - 1]))) { - fprintf (stderr, _("%s: user %s does not exist\n"), - Prog, argv[argc - 1]); - exit (E_NOTFOUND); - } + { + const struct passwd *pwd; + /* local, no need for xgetpwnam */ + if (!(pwd = getpwnam (argv[argc - 1]))) { + fprintf (stderr, _("%s: user %s does not exist\n"), + Prog, argv[argc - 1]); + exit (E_NOTFOUND); + } - user_name = argv[argc - 1]; - user_id = pwd->pw_uid; - user_gid = pwd->pw_gid; - user_comment = xstrdup (pwd->pw_gecos); - user_home = xstrdup (pwd->pw_dir); - user_shell = xstrdup (pwd->pw_shell); + user_name = argv[argc - 1]; + user_id = pwd->pw_uid; + user_gid = pwd->pw_gid; + user_comment = xstrdup (pwd->pw_gecos); + user_home = xstrdup (pwd->pw_dir); + user_shell = xstrdup (pwd->pw_shell); + } #ifdef WITH_AUDIT user_newname = user_name; user_newid = user_id; @@ -854,13 +856,17 @@ static void process_flags (int argc, char **argv) } #endif - if (is_shadow_pwd && (spwd = getspnam (user_name))) { - user_expire = spwd->sp_expire; - user_inactive = spwd->sp_inact; + { + const struct spwd *spwd = NULL; + /* local, no need for xgetspnam */ + if (is_shadow_pwd && (spwd = getspnam (user_name))) { + user_expire = spwd->sp_expire; + user_inactive = spwd->sp_inact; #ifdef WITH_AUDIT - user_newexpire = user_expire; - user_newinactive = user_inactive; + user_newexpire = user_expire; + user_newinactive = user_inactive; #endif + } } { @@ -923,7 +929,7 @@ static void process_flags (int argc, char **argv) #ifdef WITH_AUDIT user_newexpire = strtoday (optarg); if (user_newexpire == -1) { -#else +#else /* } */ user_expire = strtoday (optarg); if (user_expire == -1) { #endif @@ -1082,11 +1088,13 @@ static void process_flags (int argc, char **argv) if (uflg && user_id == user_newid) uflg = oflg = 0; + /* local, no need for xgetpwnam */ if (lflg && getpwnam (user_newname)) { fprintf (stderr, _("%s: user %s exists\n"), Prog, user_newname); exit (E_NAME_IN_USE); } + /* local, no need for xgetpwuid */ if (uflg && !oflg && getpwuid (user_newid)) { fprintf (stderr, _("%s: uid %lu is not unique\n"), Prog, (unsigned long) user_newid); @@ -1211,9 +1219,6 @@ static void open_files (void) } #endif } - - - } /* @@ -1492,7 +1497,6 @@ int main (int argc, char **argv) { #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -1525,13 +1529,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("usermod", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("usermod", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) {