From 9adfc136b6624c95270c066cc3e8c559f3daee0a Mon Sep 17 00:00:00 2001 From: nekral-guest Date: Sun, 18 Nov 2007 23:15:26 +0000 Subject: [PATCH] * lib/prototypes.h, configure.in, libmisc/Makefile.am, libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c, libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c: Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(), xgetgrgid(), and xgetspnam(). They allocate memory for the returned structure and are more robust to successive calls. They are implemented with the libc's getxxyyy_r() functions if available. * libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c, libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c, libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c, src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c, src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c, src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c, src/groupadd.c, src/chage.c, src/login.c, src/suauth.c, src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the usage of one of the getpwnam(), getpwuid(), getgrnam(), getgrgid(), and getspnam() functions. It was noticed on http://bugs.debian.org/341230 that chfn and chsh use a passwd structure after calling a pam function, which result in using information from the passwd structure requested by pam, not the original one. It is much easier to use the new xget... functions to avoid these issues. I've checked which call to the original get... functions could be left (reducing the scope of the structure if possible), and I've left comments to ease future reviews (e.g. /* local, no need for xgetpwnam */). Note: the getpwent/getgrent calls should probably be checked also. * src/groupdel.c, src/expiry.c: Fix typos in comments. * src/groupmod.c: Re-indent. * libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c, lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the ___dup functions (used by the xget... functions) from the io.c files to the new mem.c files. This avoid linking some utils against the SELinux library. --- ChangeLog | 45 ++++++++++++++++++ configure.in | 3 +- lib/groupio.c | 26 ----------- lib/groupmem.c | 35 ++++++++++++++ lib/prototypes.h | 12 +++++ lib/pwio.c | 20 -------- lib/pwmem.c | 31 ++++++++++++ lib/shadowio.c | 13 ------ lib/shadowmem.c | 27 +++++++++++ libmisc/Makefile.am | 7 ++- libmisc/addgrps.c | 4 +- libmisc/chowntty.c | 2 +- libmisc/entry.c | 3 +- libmisc/limits.c | 1 + libmisc/myname.c | 5 +- libmisc/pwdcheck.c | 2 +- libmisc/rlogin.c | 2 +- libmisc/xgetXXbyYY.c | 109 +++++++++++++++++++++++++++++++++++++++++++ libmisc/xgetgrgid.c | 34 ++++++++++++++ libmisc/xgetgrnam.c | 34 ++++++++++++++ libmisc/xgetpwnam.c | 34 ++++++++++++++ libmisc/xgetpwuid.c | 34 ++++++++++++++ libmisc/xgetspnam.c | 32 +++++++++++++ src/chage.c | 17 ++++--- src/chfn.c | 19 ++++---- src/chgpasswd.c | 17 ++++--- src/chpasswd.c | 17 ++++--- src/chsh.c | 19 ++++---- src/expiry.c | 4 +- src/faillog.c | 7 ++- src/gpasswd.c | 5 +- src/groupadd.c | 20 ++++---- src/groupdel.c | 50 +++++++++++--------- src/groupmems.c | 21 +++++---- src/groupmod.c | 50 +++++++++++--------- src/groups.c | 7 ++- src/grpck.c | 3 ++ src/id.c | 9 ++-- src/lastlog.c | 2 +- src/login_nopam.c | 2 + src/newgrp.c | 9 ++-- src/newusers.c | 17 ++++--- src/passwd.c | 6 +-- src/pwck.c | 1 + src/su.c | 10 ++-- src/suauth.c | 2 +- src/useradd.c | 40 +++++++++------- src/userdel.c | 43 ++++++++++------- src/usermod.c | 70 +++++++++++++++------------ 49 files changed, 721 insertions(+), 261 deletions(-) create mode 100644 lib/groupmem.c create mode 100644 lib/pwmem.c create mode 100644 lib/shadowmem.c create mode 100644 libmisc/xgetXXbyYY.c create mode 100644 libmisc/xgetgrgid.c create mode 100644 libmisc/xgetgrnam.c create mode 100644 libmisc/xgetpwnam.c create mode 100644 libmisc/xgetpwuid.c create mode 100644 libmisc/xgetspnam.c diff --git a/ChangeLog b/ChangeLog index bcfb78d9..d694bc68 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,48 @@ +2007-11-18 Nicolas François + + * lib/prototypes.h, configure.in, libmisc/Makefile.am, + libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c, + libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c: + Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(), + xgetgrgid(), and xgetspnam(). They allocate memory for the + returned structure and are more robust to successive calls. They + are implemented with the libc's getxxyyy_r() functions if + available. + * libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c, + libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c, + libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c, + src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c, + src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c, + src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c, + src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c, + src/groupadd.c, src/chage.c, src/login.c, src/suauth.c, + src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the + usage of one of the getpwnam(), getpwuid(), getgrnam(), + getgrgid(), and getspnam() functions. It was noticed on + http://bugs.debian.org/341230 that chfn and chsh use a passwd + structure after calling a pam function, which result in using + information from the passwd structure requested by pam, not the + original one. It is much easier to use the new xget... functions + to avoid these issues. I've checked which call to the original + get... functions could be left (reducing the scope of the + structure if possible), and I've left comments to ease future + reviews (e.g. /* local, no need for xgetpwnam */). + Note: the getpwent/getgrent calls should probably be checked also. + * src/groupdel.c, src/expiry.c: Fix typos in comments. + * src/groupmod.c: Re-indent. + * libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c, + lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the ___dup + functions (used by the xget... functions) from the io.c files + to the new mem.c files. This avoid linking some utils against + the SELinux library. + +2007-11-18 Nicolas François + + * man/pl/pl.po: Fix typo: chgpassw -> chgpasswd. + * man/pl/Makefile.am: Fix typo: chgpassw -> chgpasswd. + * man/de/de.po: groups shall not be translated (for command, + refname, or refentrytitle). + 2007-11-18 Nicolas François * src/login.c: Fix typo introduced while fixing diff --git a/configure.in b/configure.in index f86812b8..ad622e66 100644 --- a/configure.in +++ b/configure.in @@ -36,7 +36,8 @@ AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \ AC_CHECK_FUNCS(l64a fchmod fchown fsync getgroups gethostname getspnam \ gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \ - memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr) + memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \ + getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r) AC_SYS_LARGEFILE dnl Checks for typedefs, structures, and compiler characteristics. diff --git a/lib/groupio.c b/lib/groupio.c index a281dd0e..18a8f49a 100644 --- a/lib/groupio.c +++ b/lib/groupio.c @@ -10,32 +10,6 @@ extern int putgrent (const struct group *, FILE *); extern struct group *sgetgrent (const char *); -struct group *__gr_dup (const struct group *grent) -{ - struct group *gr; - int i; - - if (!(gr = (struct group *) malloc (sizeof *gr))) - return NULL; - *gr = *grent; - if (!(gr->gr_name = strdup (grent->gr_name))) - return NULL; - if (!(gr->gr_passwd = strdup (grent->gr_passwd))) - return NULL; - - for (i = 0; grent->gr_mem[i]; i++); - gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *)); - if (!gr->gr_mem) - return NULL; - for (i = 0; grent->gr_mem[i]; i++) { - gr->gr_mem[i] = strdup (grent->gr_mem[i]); - if (!gr->gr_mem[i]) - return NULL; - } - gr->gr_mem[i] = NULL; - return gr; -} - static void *group_dup (const void *ent) { const struct group *gr = ent; diff --git a/lib/groupmem.c b/lib/groupmem.c new file mode 100644 index 00000000..0ad0bee8 --- /dev/null +++ b/lib/groupmem.c @@ -0,0 +1,35 @@ + +#include + +#ident "$Id: groupio.c 1342 2007-11-10 23:46:11Z nekral-guest $" + +#include "prototypes.h" +#include "defines.h" +#include "groupio.h" + +struct group *__gr_dup (const struct group *grent) +{ + struct group *gr; + int i; + + if (!(gr = (struct group *) malloc (sizeof *gr))) + return NULL; + *gr = *grent; + if (!(gr->gr_name = strdup (grent->gr_name))) + return NULL; + if (!(gr->gr_passwd = strdup (grent->gr_passwd))) + return NULL; + + for (i = 0; grent->gr_mem[i]; i++); + gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *)); + if (!gr->gr_mem) + return NULL; + for (i = 0; grent->gr_mem[i]; i++) { + gr->gr_mem[i] = strdup (grent->gr_mem[i]); + if (!gr->gr_mem[i]) + return NULL; + } + gr->gr_mem[i] = NULL; + return gr; +} + diff --git a/lib/prototypes.h b/lib/prototypes.h index 1ad2f1b4..e18d71e8 100644 --- a/lib/prototypes.h +++ b/lib/prototypes.h @@ -23,6 +23,7 @@ #endif #include #include +#include "shadowio.h" #include "defines.h" @@ -179,4 +180,15 @@ extern int valid (const char *, const struct passwd *); extern char *xmalloc (size_t); extern char *xstrdup (const char *); +/* xgetpwnam.c */ +extern struct passwd *xgetpwnam (const char *); +/* xgetpwuid.c */ +extern struct passwd *xgetpwuid (uid_t); +/* xgetgrnam.c */ +extern struct group *xgetgrnam (const char *); +/* xgetgrgid.c */ +extern struct group *xgetgrgid (gid_t); +/* xgetspnam.c */ +extern struct spwd *xgetspnam(const char *); + #endif /* _PROTOTYPES_H */ diff --git a/lib/pwio.c b/lib/pwio.c index 88fa4333..14702ff5 100644 --- a/lib/pwio.c +++ b/lib/pwio.c @@ -12,26 +12,6 @@ extern struct passwd *sgetpwent (const char *); extern int putpwent (const struct passwd *, FILE *); -struct passwd *__pw_dup (const struct passwd *pwent) -{ - struct passwd *pw; - - if (!(pw = (struct passwd *) malloc (sizeof *pw))) - return NULL; - *pw = *pwent; - if (!(pw->pw_name = strdup (pwent->pw_name))) - return NULL; - if (!(pw->pw_passwd = strdup (pwent->pw_passwd))) - return NULL; - if (!(pw->pw_gecos = strdup (pwent->pw_gecos))) - return NULL; - if (!(pw->pw_dir = strdup (pwent->pw_dir))) - return NULL; - if (!(pw->pw_shell = strdup (pwent->pw_shell))) - return NULL; - return pw; -} - static void *passwd_dup (const void *ent) { const struct passwd *pw = ent; diff --git a/lib/pwmem.c b/lib/pwmem.c new file mode 100644 index 00000000..155c7e71 --- /dev/null +++ b/lib/pwmem.c @@ -0,0 +1,31 @@ + +#include + +#ident "$Id: pwio.c 1342 2007-11-10 23:46:11Z nekral-guest $" + +#include "prototypes.h" +#include "defines.h" +#include +#include +#include "pwio.h" + +struct passwd *__pw_dup (const struct passwd *pwent) +{ + struct passwd *pw; + + if (!(pw = (struct passwd *) malloc (sizeof *pw))) + return NULL; + *pw = *pwent; + if (!(pw->pw_name = strdup (pwent->pw_name))) + return NULL; + if (!(pw->pw_passwd = strdup (pwent->pw_passwd))) + return NULL; + if (!(pw->pw_gecos = strdup (pwent->pw_gecos))) + return NULL; + if (!(pw->pw_dir = strdup (pwent->pw_dir))) + return NULL; + if (!(pw->pw_shell = strdup (pwent->pw_shell))) + return NULL; + return pw; +} + diff --git a/lib/shadowio.c b/lib/shadowio.c index 604bdbf0..b7bd2e1b 100644 --- a/lib/shadowio.c +++ b/lib/shadowio.c @@ -11,19 +11,6 @@ #include #include "commonio.h" #include "shadowio.h" -struct spwd *__spw_dup (const struct spwd *spent) -{ - struct spwd *sp; - - if (!(sp = (struct spwd *) malloc (sizeof *sp))) - return NULL; - *sp = *spent; - if (!(sp->sp_namp = strdup (spent->sp_namp))) - return NULL; - if (!(sp->sp_pwdp = strdup (spent->sp_pwdp))) - return NULL; - return sp; -} static void *shadow_dup (const void *ent) { diff --git a/lib/shadowmem.c b/lib/shadowmem.c new file mode 100644 index 00000000..0df34df2 --- /dev/null +++ b/lib/shadowmem.c @@ -0,0 +1,27 @@ + +#include + +#ident "$Id: shadowio.c 1342 2007-11-10 23:46:11Z nekral-guest $" + +#include "prototypes.h" +#include "defines.h" +#ifdef HAVE_SHADOW_H +# include +#endif +#include +#include "shadowio.h" + +struct spwd *__spw_dup (const struct spwd *spent) +{ + struct spwd *sp; + + if (!(sp = (struct spwd *) malloc (sizeof *sp))) + return NULL; + *sp = *spent; + if (!(sp->sp_namp = strdup (spent->sp_namp))) + return NULL; + if (!(sp->sp_pwdp = strdup (spent->sp_pwdp))) + return NULL; + return sp; +} + diff --git a/libmisc/Makefile.am b/libmisc/Makefile.am index fbd9a7a7..dd36e755 100644 --- a/libmisc/Makefile.am +++ b/libmisc/Makefile.am @@ -1,5 +1,5 @@ -EXTRA_DIST = .indent.pro +EXTRA_DIST = .indent.pro xgetXXbyYY.c INCLUDES = -I$(top_srcdir)/lib @@ -49,4 +49,9 @@ libmisc_a_SOURCES = \ ulimit.c \ utmp.c \ valid.c \ + xgetpwnam.c \ + xgetpwuid.c \ + xgetgrnam.c \ + xgetgrgid.c \ + xgetspnam.c \ xmalloc.c diff --git a/libmisc/addgrps.c b/libmisc/addgrps.c index f7d16a4a..1bf02e61 100644 --- a/libmisc/addgrps.c +++ b/libmisc/addgrps.c @@ -21,7 +21,6 @@ int add_groups (const char *list) { GETGROUPS_T *grouplist, *tmp; int i, ngroups, added; - struct group *grp; char *token; char buf[1024]; @@ -50,8 +49,9 @@ int add_groups (const char *list) added = 0; for (token = strtok (buf, SEP); token; token = strtok (NULL, SEP)) { + struct group *grp; - grp = getgrnam (token); + grp = getgrnam (token); /* local, no need for xgetgrnam */ if (!grp) { fprintf (stderr, _("Warning: unknown group %s\n"), token); diff --git a/libmisc/chowntty.c b/libmisc/chowntty.c index 38eec3fc..88361f46 100644 --- a/libmisc/chowntty.c +++ b/libmisc/chowntty.c @@ -77,7 +77,7 @@ void chown_tty (const char *tty, const struct passwd *info) gid = info->pw_gid; else if (group[0] >= '0' && group[0] <= '9') gid = atoi (group); - else if ((grent = getgrnam (group))) + else if ((grent = getgrnam (group))) /* local, no need for xgetgrnam */ gid = grent->gr_gid; else gid = info->pw_gid; diff --git a/libmisc/entry.c b/libmisc/entry.c index 736a43ff..5b95eba1 100644 --- a/libmisc/entry.c +++ b/libmisc/entry.c @@ -43,7 +43,7 @@ void pw_entry (const char *name, struct passwd *pwent) struct spwd *spwd; - if (!(passwd = getpwnam (name))) { + if (!(passwd = getpwnam (name))) { /* local, no need for xgetpwnam */ pwent->pw_name = (char *) 0; return; } else { @@ -55,6 +55,7 @@ void pw_entry (const char *name, struct passwd *pwent) pwent->pw_shell = xstrdup (passwd->pw_shell); #if !defined(AUTOSHADOW) setspent (); + /* local, no need for xgetspnam */ if ((spwd = getspnam (name))) { pwent->pw_passwd = xstrdup (spwd->sp_pwdp); endspent (); diff --git a/libmisc/limits.c b/libmisc/limits.c index 955ee390..80c23f77 100644 --- a/libmisc/limits.c +++ b/libmisc/limits.c @@ -377,6 +377,7 @@ static void setup_usergroups (const struct passwd *info) * (examples: 022 -> 002, 077 -> 007). */ if (info->pw_uid != 0 && info->pw_uid == info->pw_gid) { + /* local, no need for xgetgrgid */ grp = getgrgid (info->pw_gid); if (grp && (strcmp (info->pw_name, grp->gr_name) == 0)) { oldmask = umask (0777); diff --git a/libmisc/myname.c b/libmisc/myname.c index 3efbb580..fac2345a 100644 --- a/libmisc/myname.c +++ b/libmisc/myname.c @@ -31,8 +31,9 @@ struct passwd *get_my_pwent (void) * XXX - when running from su, will return the current user (not * the original user, like getlogin() does). Does this matter? */ - if (cp && *cp && (pw = getpwnam (cp)) && pw->pw_uid == ruid) + if (cp && *cp && (pw = xgetpwnam (cp)) && pw->pw_uid == ruid) return pw; - return getpwuid (ruid); + return xgetpwuid (ruid); } + diff --git a/libmisc/pwdcheck.c b/libmisc/pwdcheck.c index 3c9f5ff1..7cef447d 100644 --- a/libmisc/pwdcheck.c +++ b/libmisc/pwdcheck.c @@ -46,7 +46,7 @@ void passwd_check (const char *user, const char *passwd, const char *progname) struct spwd *sp; - if ((sp = getspnam (user))) + if ((sp = getspnam (user))) /* !USE_PAM, no need for xgetspnam */ passwd = sp->sp_pwdp; endspent (); if (pw_auth (passwd, user, PW_LOGIN, (char *) 0) != 0) { diff --git a/libmisc/rlogin.c b/libmisc/rlogin.c index 4077b7ba..e89934fd 100644 --- a/libmisc/rlogin.c +++ b/libmisc/rlogin.c @@ -162,7 +162,7 @@ do_rlogin (const char *remote_host, char *name, int namelen, char *term, #endif STTY (0, &termio); - if (!(pwd = getpwnam (name))) + if (!(pwd = getpwnam (name))) /* local, no need for xgetpwnam */ return 0; /* diff --git a/libmisc/xgetXXbyYY.c b/libmisc/xgetXXbyYY.c new file mode 100644 index 00000000..fe2454f1 --- /dev/null +++ b/libmisc/xgetXXbyYY.c @@ -0,0 +1,109 @@ +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provide wrapper to the getpwnam or getpwnam_r functions. + */ + +#include +#include +#include +#include "config.h" +#include "prototypes.h" + +#define XFUNCTION_NAME XPREFIX (FUNCTION_NAME) +#define XPREFIX(name) XPREFIX1 (name) +#define XPREFIX1(name) x##name +#define REENTRANT_NAME APPEND_R (FUNCTION_NAME) +#define APPEND_R(name) APPEND_R1 (name) +#define APPEND_R1(name) name##_r +#define STRINGIZE(name) STRINGIZE1 (name) +#define STRINGIZE1(name) #name + +LOOKUP_TYPE *XFUNCTION_NAME (ARG_TYPE ARG_NAME) +{ +#if HAVE_FUNCTION_R + LOOKUP_TYPE *result=NULL; + char *buffer=NULL; + /* we have to start with something */ + size_t length = 0x100; + + result = malloc(sizeof(LOOKUP_TYPE)); + if (NULL == result) { + fprintf (stderr, _("%s: out of memory\n"), + "x" STRINGIZE(FUNCTION_NAME)); + exit (13); + } + + do { + int status; + LOOKUP_TYPE *resbuf = NULL; + buffer = (char *)realloc (buffer, length); + if (NULL == buffer) { + fprintf (stderr, _("%s: out of memory\n"), + "x" STRINGIZE(FUNCTION_NAME)); + exit (13); + } + errno = 0; + status = REENTRANT_NAME(ARG_NAME, result, buffer, + length, &resbuf); + if (!status && (resbuf == result)) { + /* Build a result structure that can be freed by + * the shadow *_free functions. */ + LOOKUP_TYPE *ret_result = DUP_FUNCTION(result); + free(buffer); + free(result); + return ret_result; + } + + if (ERANGE != errno) { + free (buffer); + free (result); + return NULL; + } + + length *= 4; + } while (length < MAX_LENGTH); + + free(buffer); + free(result); + return NULL; + +#else /* !HAVE_FUNCTION_R */ + + /* No reentrant function. + * Duplicate the structure to avoid other call to overwrite it. + * + * We should also restore the initial structure. But that would be + * overkill. + */ + LOOKUP_TYPE *result = FUNCTION_NAME(ARG_NAME); + + if (result) { +// result = DUP_FUNCTION(result); + if (NULL == result) { + fprintf (stderr, _("%s: out of memory\n"), + "x" STRINGIZE(FUNCTION_NAME)); + exit (13); + } + } + + return result; +#endif +} + diff --git a/libmisc/xgetgrgid.c b/libmisc/xgetgrgid.c new file mode 100644 index 00000000..52c8ee93 --- /dev/null +++ b/libmisc/xgetgrgid.c @@ -0,0 +1,34 @@ +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provide wrapper to the getpwnam or getpwnam_r functions. + */ + +#include "groupio.h" + +#define LOOKUP_TYPE struct group +#define FUNCTION_NAME getgrgid +#define ARG_TYPE gid_t +#define ARG_NAME gid +#define DUP_FUNCTION __gr_dup +#define MAX_LENGTH 0x8000 +#define HAVE_FUNCTION_R (defined HAVE_GETGRGID_R) + +#include "xgetXXbyYY.c" + diff --git a/libmisc/xgetgrnam.c b/libmisc/xgetgrnam.c new file mode 100644 index 00000000..3fe922e5 --- /dev/null +++ b/libmisc/xgetgrnam.c @@ -0,0 +1,34 @@ +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provide wrapper to the getpwnam or getpwnam_r functions. + */ + +#include "groupio.h" + +#define LOOKUP_TYPE struct group +#define FUNCTION_NAME getgrnam +#define ARG_TYPE const char * +#define ARG_NAME name +#define DUP_FUNCTION __gr_dup +#define MAX_LENGTH 0x8000 +#define HAVE_FUNCTION_R (defined HAVE_GETGRNAM_R) + +#include "xgetXXbyYY.c" + diff --git a/libmisc/xgetpwnam.c b/libmisc/xgetpwnam.c new file mode 100644 index 00000000..e2f58ba5 --- /dev/null +++ b/libmisc/xgetpwnam.c @@ -0,0 +1,34 @@ +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provide wrapper to the getpwnam or getpwnam_r functions. + */ + +#include "pwio.h" + +#define LOOKUP_TYPE struct passwd +#define FUNCTION_NAME getpwnam +#define ARG_TYPE const char * +#define ARG_NAME name +#define DUP_FUNCTION __pw_dup +#define MAX_LENGTH 0x8000 +#define HAVE_FUNCTION_R (defined HAVE_GETPWNAM_R) + +#include "xgetXXbyYY.c" + diff --git a/libmisc/xgetpwuid.c b/libmisc/xgetpwuid.c new file mode 100644 index 00000000..01ef78d7 --- /dev/null +++ b/libmisc/xgetpwuid.c @@ -0,0 +1,34 @@ +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provide wrapper to the getpwnam or getpwnam_r functions. + */ + +#include "pwio.h" + +#define LOOKUP_TYPE struct passwd +#define FUNCTION_NAME getpwuid +#define ARG_TYPE uid_t +#define ARG_NAME uid +#define DUP_FUNCTION __pw_dup +#define MAX_LENGTH 0x8000 +#define HAVE_FUNCTION_R (defined HAVE_GETPWUID_R) + +#include "xgetXXbyYY.c" + diff --git a/libmisc/xgetspnam.c b/libmisc/xgetspnam.c new file mode 100644 index 00000000..b394ef06 --- /dev/null +++ b/libmisc/xgetspnam.c @@ -0,0 +1,32 @@ +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provide wrapper to the getpwnam or getpwnam_r functions. + */ + +#define LOOKUP_TYPE struct spwd +#define FUNCTION_NAME getspnam +#define ARG_TYPE const char * +#define ARG_NAME name +#define DUP_FUNCTION __spw_dup +#define MAX_LENGTH 0x8000 +#define HAVE_FUNCTION_R (defined HAVE_GETSPNAM_R) + +#include "xgetXXbyYY.c" + diff --git a/src/chage.c b/src/chage.c index 99791c8b..c171eb27 100644 --- a/src/chage.c +++ b/src/chage.c @@ -330,7 +330,6 @@ int main (int argc, char **argv) #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -454,13 +453,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("chage", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("chage", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { diff --git a/src/chfn.c b/src/chfn.c index 88459c7e..68118065 100644 --- a/src/chfn.c +++ b/src/chfn.c @@ -229,7 +229,6 @@ int main (int argc, char **argv) #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -317,7 +316,7 @@ int main (int argc, char **argv) */ if (optind < argc) { user = argv[optind]; - pw = getpwnam (user); + pw = xgetpwnam (user); if (!pw) { fprintf (stderr, _("%s: unknown user %s\n"), Prog, user); @@ -394,13 +393,17 @@ int main (int argc, char **argv) #else /* !USE_PAM */ retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("chfn", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("chfn", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { diff --git a/src/chgpasswd.c b/src/chgpasswd.c index e9c24f56..185d7ad0 100644 --- a/src/chgpasswd.c +++ b/src/chgpasswd.c @@ -95,7 +95,6 @@ int main (int argc, char **argv) #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif #ifndef SHADOWGRP @@ -144,13 +143,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("chpasswd", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { diff --git a/src/chpasswd.c b/src/chpasswd.c index c6bea656..c8b00607 100644 --- a/src/chpasswd.c +++ b/src/chpasswd.c @@ -92,7 +92,6 @@ int main (int argc, char **argv) #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -138,13 +137,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("chpasswd", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { diff --git a/src/chsh.c b/src/chsh.c index 4019f0a5..931de15d 100644 --- a/src/chsh.c +++ b/src/chsh.c @@ -182,7 +182,6 @@ int main (int argc, char **argv) #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -248,7 +247,7 @@ int main (int argc, char **argv) */ if (optind < argc) { user = argv[optind]; - pw = getpwnam (user); + pw = xgetpwnam (user); if (!pw) { fprintf (stderr, _("%s: unknown user %s\n"), Prog, user); @@ -341,13 +340,17 @@ int main (int argc, char **argv) #else /* !USE_PAM */ retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("chsh", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("chsh", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { diff --git a/src/expiry.c b/src/expiry.c index b53cfe08..f1aeb1db 100644 --- a/src/expiry.c +++ b/src/expiry.c @@ -61,7 +61,7 @@ static void usage (void) /* * expiry - check and enforce password expiration policy * - * expiry checks (-c) the current password expiraction and forces (-f) + * expiry checks (-c) the current password expiration and forces (-f) * changes when required. It is callable as a normal user command. */ int main (int argc, char **argv) @@ -101,7 +101,7 @@ int main (int argc, char **argv) fprintf (stderr, _("%s: unknown user\n"), Prog); exit (10); } - spwd = getspnam (pwd->pw_name); + spwd = getspnam (pwd->pw_name); /* !USE_PAM, No need for xgetspnam */ /* * If checking accounts, use agecheck() function. diff --git a/src/faillog.c b/src/faillog.c index b64ef385..91ce58b3 100644 --- a/src/faillog.c +++ b/src/faillog.c @@ -93,7 +93,7 @@ static void print_one (const struct faillog *fl, uid_t uid) ("Login Failures Maximum Latest On\n")); once++; } - pwent = getpwuid (uid); + pwent = getpwuid (uid); /* local, no need for xgetpwuid */ time (&now); tm = localtime (&fl->fail_time); #ifdef HAVE_STRFTIME @@ -291,7 +291,6 @@ static void set_locktime (long locktime) int main (int argc, char **argv) { int anyflag = 0; - struct passwd *pwent; setlocale (LC_ALL, ""); bindtextdomain (PACKAGE, LOCALEDIR); @@ -350,9 +349,12 @@ int main (int argc, char **argv) tflg++; break; case 'u': + { + struct passwd *pwent; if (aflg) usage (); + /* local, no need for xgetpwnam */ pwent = getpwnam (optarg); if (!pwent) { fprintf (stderr, @@ -363,6 +365,7 @@ int main (int argc, char **argv) uflg++; user = pwent->pw_uid; break; + } default: usage (); } diff --git a/src/gpasswd.c b/src/gpasswd.c index f370c244..f8f6832d 100644 --- a/src/gpasswd.c +++ b/src/gpasswd.c @@ -140,7 +140,7 @@ static int check_list (const char *users) * This user must exist. */ - if (!getpwnam (username)) { + if (!getpwnam (username)) { /* local, no need for xgetpwnam */ fprintf (stderr, _("%s: unknown user %s\n"), Prog, username); errors++; @@ -217,6 +217,7 @@ int main (int argc, char **argv) switch (flag) { case 'a': /* add a user */ user = optarg; + /* local, no need for xgetpwnam */ if (!getpwnam (user)) { fprintf (stderr, _("%s: unknown user %s\n"), Prog, @@ -320,7 +321,7 @@ int main (int argc, char **argv) if (!(group = argv[optind])) usage (); - if (!(gr = getgrnam (group))) { + if (!(gr = getgrnam (group))) { /* dup, no need for xgetgrnam */ fprintf (stderr, _("unknown group: %s\n"), group); #ifdef WITH_AUDIT audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "group lookup", group, diff --git a/src/groupadd.c b/src/groupadd.c index 9e8cffcc..b4d05235 100644 --- a/src/groupadd.c +++ b/src/groupadd.c @@ -259,6 +259,7 @@ static void find_new_gid (void) if (!grp) break; #else + /* local, no need for xgetgrgid */ if (!getgrgid (group_id)) break; #endif @@ -395,7 +396,6 @@ int main (int argc, char **argv) { #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -490,13 +490,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("groupadd", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("groupadd", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { @@ -526,7 +530,7 @@ int main (int argc, char **argv) /* * Start with a quick check to see if the group exists. */ - if (getgrnam (group_name)) { + if (getgrnam (group_name)) { /* local, no need for xgetgrnam */ if (fflg) { exit (E_SUCCESS); } diff --git a/src/groupdel.c b/src/groupdel.c index 25e641f0..f89f7066 100644 --- a/src/groupdel.c +++ b/src/groupdel.c @@ -188,7 +188,7 @@ static void group_busy (gid_t gid) endpwent (); /* - * If pwd isn't NULL, it stopped becaues the gid's matched. + * If pwd isn't NULL, it stopped because the gid's matched. */ if (pwd == (struct passwd *) 0) @@ -213,11 +213,8 @@ static void group_busy (gid_t gid) int main (int argc, char **argv) { - struct group *grp; - #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -245,13 +242,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("groupdel", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("groupdel", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { @@ -278,20 +279,25 @@ int main (int argc, char **argv) is_shadow_grp = sgr_file_present (); #endif - /* - * Start with a quick check to see if the group exists. - */ - if (!(grp = getgrnam (group_name))) { - fprintf (stderr, _("%s: group %s does not exist\n"), - Prog, group_name); + { + struct group *grp; + /* + * Start with a quick check to see if the group exists. + */ + /* local, no need for xgetgrnam */ + if (!(grp = getgrnam (group_name))) { + fprintf (stderr, _("%s: group %s does not exist\n"), + Prog, group_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "deleting group", - group_name, -1, 0); + audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + "deleting group", + group_name, -1, 0); #endif - exit (E_NOTFOUND); - } + exit (E_NOTFOUND); + } - group_id = grp->gr_gid; /* LAUS */ + group_id = grp->gr_gid; /* LAUS */ + } #ifdef USE_NIS /* @@ -321,7 +327,7 @@ int main (int argc, char **argv) * Now check to insure that this isn't the primary group of * anyone. */ - group_busy (grp->gr_gid); + group_busy (group_id); /* * Do the hard stuff - open the files, delete the group entries, diff --git a/src/groupmems.c b/src/groupmems.c index 69ac54cb..97252e9d 100644 --- a/src/groupmems.c +++ b/src/groupmems.c @@ -76,14 +76,16 @@ static int isroot (void) static int isgroup (void) { gid_t g = getgid (); - struct group *grp = getgrgid (g); + struct group *grp = getgrgid (g); /* local, no need for xgetgrgid */ return TRUE; } static char *whoami (void) { + /* local, no need for xgetgrgid */ struct group *grp = getgrgid (getgid ()); + /* local, no need for xgetpwuid */ struct passwd *usr = getpwuid (getuid ()); if (0 == strcmp (usr->pw_name, grp->gr_name)) { @@ -173,7 +175,6 @@ int main (int argc, char **argv) #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -239,13 +240,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("groupmod", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("groupmod", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { diff --git a/src/groupmod.c b/src/groupmod.c index 78c9f7ef..ce3d3bd9 100644 --- a/src/groupmod.c +++ b/src/groupmod.c @@ -73,7 +73,7 @@ static gid_t group_newid; static char *Prog; static int - oflg = 0, /* permit non-unique group ID to be specified with -g */ + oflg = 0, /* permit non-unique group ID to be specified with -g */ gflg = 0, /* new ID value for the group */ nflg = 0; /* a new name has been specified for the group */ @@ -257,7 +257,7 @@ static void check_new_gid (void) return; } - if (oflg || !getgrgid (group_newid)) + if (oflg || !getgrgid (group_newid)) /* local, no need for xgetgrgid */ return; /* @@ -292,6 +292,7 @@ static void check_new_name (void) /* * If the entry is found, too bad. */ + /* local, no need for xgetgrnam */ if (getgrnam (group_newname)) { fprintf (stderr, _("%s: %s is not a unique name\n"), Prog, @@ -457,11 +458,8 @@ static void open_files (void) */ int main (int argc, char **argv) { - struct group *grp; - #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -485,13 +483,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("groupmod", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("groupmod", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { @@ -517,19 +519,23 @@ int main (int argc, char **argv) #ifdef SHADOWGRP is_shadow_grp = sgr_file_present (); #endif - /* - * Start with a quick check to see if the group exists. - */ - if (!(grp = getgrnam (group_name))) { - fprintf (stderr, _("%s: group %s does not exist\n"), - Prog, group_name); + { + struct group *grp; + /* + * Start with a quick check to see if the group exists. + */ + /* local, no need for xgetgrnam */ + if (!(grp = getgrnam (group_name))) { + fprintf (stderr, _("%s: group %s does not exist\n"), + Prog, group_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "modifying group", - group_name, -1, 0); + audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + "modifying group", group_name, -1, 0); #endif - exit (E_NOTFOUND); - } else - group_id = grp->gr_gid; + exit (E_NOTFOUND); + } else + group_id = grp->gr_gid; + } #ifdef WITH_AUDIT /* Set new name/id to original if not specified on command line */ diff --git a/src/groups.c b/src/groups.c index 14c0a7d7..53fdfb7d 100644 --- a/src/groups.c +++ b/src/groups.c @@ -59,6 +59,7 @@ static void print_groups (const char *member) setgrent (); + /* local, no need for xgetpwnam */ if ((pwd = getpwnam (member)) == 0) { fprintf (stderr, _("%s: unknown user %s\n"), Prog, member); exit (1); @@ -73,6 +74,7 @@ static void print_groups (const char *member) flag = 1; } } + /* local, no need for xgetgrgid */ if (!flag && (grp = getgrgid (pwd->pw_gid))) { if (groups++) putchar (' '); @@ -95,7 +97,6 @@ int main (int argc, char **argv) GETGROUPS_T *groups; int pri_grp; int i; - struct group *gr; #else char *logname; char *getlogin (); @@ -150,6 +151,8 @@ int main (int argc, char **argv) * values. */ if (pri_grp != -1) { + struct group *gr; + /* local, no need for xgetgrgid */ if ((gr = getgrgid (pri_grp))) printf ("%s", gr->gr_name); else @@ -157,9 +160,11 @@ int main (int argc, char **argv) } for (i = 0; i < ngroups; i++) { + struct group *gr; if (i || pri_grp != -1) putchar (' '); + /* local, no need for xgetgrgid */ if ((gr = getgrgid (groups[i]))) printf ("%s", gr->gr_name); else diff --git a/src/grpck.c b/src/grpck.c index 0dc2adec..1b761598 100644 --- a/src/grpck.c +++ b/src/grpck.c @@ -377,6 +377,7 @@ int main (int argc, char **argv) * Make sure each member exists */ for (i = 0; grp->gr_mem[i]; i++) { + /* local, no need for xgetpwnam */ if (getpwnam (grp->gr_mem[i])) continue; /* @@ -597,6 +598,7 @@ int main (int argc, char **argv) * Make sure each administrator exists */ for (i = 0; sgr->sg_adm[i]; i++) { + /* local, no need for xgetpwnam */ if (getpwnam (sgr->sg_adm[i])) continue; /* @@ -626,6 +628,7 @@ int main (int argc, char **argv) * Make sure each member exists */ for (i = 0; sgr->sg_mem[i]; i++) { + /* local, no need for xgetpwnam */ if (getpwnam (sgr->sg_mem[i])) continue; diff --git a/src/id.c b/src/id.c index a2f06ab5..d26d2a63 100644 --- a/src/id.c +++ b/src/id.c @@ -118,13 +118,13 @@ static void usage (void) * does not exist, just give the numerical value. */ - pw = getpwuid (ruid); + pw = getpwuid (ruid); /* local, no need for xgetpwuid */ if (pw) printf ("UID=%u(%s)", ruid, pw->pw_name); else printf ("UID=%u", ruid); - gr = getgrgid (rgid); + gr = getgrgid (rgid);; /* local, no need for xgetgrgid */ if (gr) printf (" GID=%u(%s)", rgid, gr->gr_name); else @@ -136,14 +136,14 @@ static void usage (void) */ if (ruid != euid) { - pw = getpwuid (euid); + pw = getpwuid (euid); /* local, no need for xgetpwuid */ if (pw) printf (" EUID=%u(%s)", euid, pw->pw_name); else printf (" EUID=%u", euid); } if (rgid != egid) { - gr = getgrgid (egid); + gr = getgrgid (egid); /* local, no need for xgetgrgid */ if (gr) printf (" EGID=%u(%s)", egid, gr->gr_name); else @@ -169,6 +169,7 @@ static void usage (void) if (i) putchar (','); + /* local, no need for xgetgrgid */ gr = getgrgid (groups[i]); if (gr) printf ("%u(%s)", groups[i], gr->gr_name); diff --git a/src/lastlog.c b/src/lastlog.c index d3dbc88c..a78f1b0e 100644 --- a/src/lastlog.c +++ b/src/lastlog.c @@ -199,7 +199,7 @@ int main (int argc, char **argv) bflg++; break; case 'u': - pwent = getpwnam (optarg); + pwent = xgetpwnam (optarg); if (!pwent) { fprintf (stderr, _("Unknown User: %s\n"), diff --git a/src/login_nopam.c b/src/login_nopam.c index f35f7541..720a55e0 100644 --- a/src/login_nopam.c +++ b/src/login_nopam.c @@ -222,6 +222,7 @@ static int user_match (const char *tok, const char *string) #endif } else if (string_match (tok, string)) { /* ALL or exact match */ return (YES); + /* local, no need for xgetgrnam */ } else if ((group = getgrnam (tok))) { /* try group membership */ for (i = 0; group->gr_mem[i]; i++) if (strcasecmp (string, group->gr_mem[i]) == 0) @@ -235,6 +236,7 @@ static int user_match (const char *tok, const char *string) * XXX - disabled by default for now. Need to verify that * getpwnam() doesn't have some nasty side effects. --marekm */ + /* local, no need for xgetpwnam */ if ((userinf = getpwnam (string))) if (userinf->pw_gid == group->gr_gid) return (YES); diff --git a/src/newgrp.c b/src/newgrp.c index 26c9dc25..089bb2f2 100644 --- a/src/newgrp.c +++ b/src/newgrp.c @@ -240,7 +240,7 @@ int main (int argc, char **argv) * Perhaps in the past, but the default behavior now depends on the * group entry, so it had better exist. -- JWP */ - if (!(grp = getgrgid (pwd->pw_gid))) { + if (!(grp = xgetgrgid (pwd->pw_gid))) { fprintf (stderr, _("unknown GID: %lu\n"), (unsigned long) pwd->pw_gid); SYSLOG ((LOG_CRIT, "unknown GID: %lu", @@ -319,7 +319,7 @@ int main (int argc, char **argv) * including the user's name in the member list of the user's login * group. -- JWP */ - if (!(grp = getgrnam (group))) { + if (!(grp = getgrnam (group))) { /* local, no need for xgetgrnam */ fprintf (stderr, _("unknown group: %s\n"), group); goto failure; } @@ -338,7 +338,7 @@ int main (int argc, char **argv) * * Re-read the group entry for further processing. */ - grp = getgrnam (group); + grp = xgetgrnam (group); } #ifdef SHADOWGRP if ((sgrp = getsgnam (group))) { @@ -364,7 +364,7 @@ int main (int argc, char **argv) * password, and the group has a password, she needs to give the * group password. */ - if ((spwd = getspnam (name))) + if ((spwd = xgetspnam (name))) pwd->pw_passwd = spwd->sp_pwdp; if (pwd->pw_passwd[0] == '\0' && grp->gr_passwd[0]) @@ -480,6 +480,7 @@ int main (int argc, char **argv) } } while ((pid == child && WIFSTOPPED (cst)) || (pid != child && errno == EINTR)); + /* local, no need for xgetgrgid */ SYSLOG ((LOG_INFO, "user `%s' (login `%s' on %s) returned to group `%s'", name, loginname, tty, diff --git a/src/newusers.c b/src/newusers.c index 6e9a6942..f2885902 100644 --- a/src/newusers.c +++ b/src/newusers.c @@ -289,7 +289,6 @@ int main (int argc, char **argv) #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -305,13 +304,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("newusers", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("newusers", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { diff --git a/src/passwd.c b/src/passwd.c index 30e3e9b4..8775e87c 100644 --- a/src/passwd.c +++ b/src/passwd.c @@ -399,7 +399,7 @@ static void print_status (const struct passwd *pw) { struct spwd *sp; - sp = getspnam (pw->pw_name); + sp = getspnam (pw->pw_name); /* local, no need for xgetspnam */ if (sp) { printf ("%s %s %s %ld %ld %ld %ld\n", pw->pw_name, @@ -803,7 +803,7 @@ int main (int argc, char **argv) exit (E_NOPERM); } - pw = getpwnam (name); + pw = xgetpwnam (name); if (!pw) { fprintf (stderr, _("%s: unknown user %s\n"), Prog, name); exit (E_NOPERM); @@ -843,7 +843,7 @@ int main (int argc, char **argv) /* * The user name is valid, so let's get the shadow file entry. */ - sp = getspnam (name); + sp = getspnam (name); /* !USE_PAM, no need for xgetspnam */ if (!sp) sp = pwd_to_spwd (pw); diff --git a/src/pwck.c b/src/pwck.c index 758e8e89..5fdf79b4 100644 --- a/src/pwck.c +++ b/src/pwck.c @@ -331,6 +331,7 @@ int main (int argc, char **argv) /* * Make sure the primary group exists */ + /* local, no need for xgetgrgid */ if (!quiet && !getgrgid (pwd->pw_gid)) { /* diff --git a/src/su.c b/src/su.c index 2568f101..a9e732bc 100644 --- a/src/su.c +++ b/src/su.c @@ -125,7 +125,7 @@ static int iswheel (const char *username) { struct group *grp; - grp = getgrnam ("wheel");; + grp = getgrnam ("wheel"); /* !USE_PAM, no need for xgetgrnam */ if (!grp || !grp->gr_mem) return 0; return is_on_list (grp->gr_mem, username); @@ -472,7 +472,7 @@ int main (int argc, char **argv) * Sort out the password of user calling su, in case needed later * -- chris */ - if ((spwd = getspnam (oldname))) + if ((spwd = getspnam (oldname))) /* !USE_PAM, no need for xgetspnam */ pw->pw_passwd = spwd->sp_pwdp; oldpass = xstrdup (pw->pw_passwd); #endif /* SU_ACCESS */ @@ -507,7 +507,7 @@ int main (int argc, char **argv) * The password file entries for the user is gotten and the account * validated. */ - if (!(pw = getpwnam (name))) { + if (!(pw = xgetpwnam (name))) { (void) fprintf (stderr, _("Unknown id: %s\n"), name); closelog (); exit (1); @@ -515,7 +515,7 @@ int main (int argc, char **argv) #ifndef USE_PAM spwd = NULL; if (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0 - && (spwd = getspnam (name))) + && (spwd = getspnam (name))) /* !USE_PAM, no need for xgetspnam */ pw->pw_passwd = spwd->sp_pwdp; #endif /* !USE_PAM */ pwent = *pw; @@ -696,8 +696,10 @@ int main (int argc, char **argv) spwd = pwd_to_spwd (&pwent); if (expire (&pwent, spwd)) { + /* !USE_PAM, no need for xgetpwnam */ struct passwd *pwd = getpwnam (name); + /* !USE_PAM, no need for xgetspnam */ spwd = getspnam (name); if (pwd) pwent = *pwd; diff --git a/src/suauth.c b/src/suauth.c index 824daf6e..21f2a4e9 100644 --- a/src/suauth.c +++ b/src/suauth.c @@ -201,7 +201,7 @@ int isgrp (const char *name, const char *group) { struct group *grp; - grp = getgrnam (group); + grp = getgrnam (group); /* local, no need for xgetgrnam */ if (!grp || !grp->gr_mem) return 0; diff --git a/src/useradd.c b/src/useradd.c index 8d1d0963..f539f7fe 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -205,8 +205,8 @@ static struct group *getgr_nam_gid (const char *grname) gid = strtol (grname, &errptr, 10); if (*grname != '\0' && *errptr == '\0' && errno != ERANGE && gid >= 0) - return getgrgid (gid); - return getgrnam (grname); + return xgetgrgid (gid); + return xgetgrnam (grname); } static long get_number (const char *numstr) @@ -252,7 +252,6 @@ static void get_defaults (void) FILE *fp; char buf[1024]; char *cp, *ep; - const struct group *grp; /* * Open the defaults file for reading. @@ -279,9 +278,11 @@ static void get_defaults (void) */ if (MATCH (buf, DGROUP)) { unsigned int val = (unsigned int) strtoul (cp, &ep, 10); + const struct group *grp; - if (*cp != '\0' && *ep == '\0') { /* valid number */ + if (*cp != '\0' && *ep == '\0') { /* valid number */ def_group = val; + /* local, no need for xgetgrgid */ if ((grp = getgrgid (def_group))) { def_gname = xstrdup (grp->gr_name); } else { @@ -289,6 +290,7 @@ static void get_defaults (void) _("%s: unknown GID %s\n"), Prog, cp); } + /* local, no need for xgetgrnam */ } else if ((grp = getgrnam (cp))) { def_group = grp->gr_gid; def_gname = xstrdup (cp); @@ -837,7 +839,7 @@ static void find_new_uid (void) #ifdef NO_GETPWENT pw_rewind (); while ((pwd = pw_next ())) { -#else /* using getpwent() we can check against NIS users etc. */ +#else /* using getpwent() we can check against NIS users etc. */ setpwent (); while ((pwd = getpwent ())) { #endif @@ -881,6 +883,7 @@ static void find_new_uid (void) if (!pwd) break; #else + /* local, no need for xgetpwuid */ if (!getpwuid (user_id)) break; #endif @@ -940,7 +943,7 @@ static void find_new_gid () #ifndef NO_GETGRENT /* glibc does have this, so ... */ /* A quick test gets here: if the UID is available * as a GID, go ahead and use it */ - if (!getgrgid (user_id)) { + if (!getgrgid (user_id)) { /* local, no need for xgetgrgid */ user_gid = user_id; return; } @@ -953,6 +956,7 @@ static void find_new_gid () if (!grp) break; #else + /* local, no need for xgetgrgid */ if (!getgrgid (user_gid)) break; #endif @@ -1497,6 +1501,7 @@ static void usr_update (void) * no user with this UID exists yet (entries for shared UIDs * are left unchanged). --marekm */ + /* local, no need for xgetpwuid */ if (!getpwuid (user_id)) { faillog_reset (user_id); lastlog_reset (user_id); @@ -1596,7 +1601,7 @@ static void create_mail (void) return; } - gr = getgrnam ("mail"); + gr = getgrnam ("mail"); /* local, no need for xgetgrnam */ if (!gr) { fprintf (stderr, _ @@ -1622,7 +1627,6 @@ int main (int argc, char **argv) { #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -1661,13 +1665,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("useradd", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("useradd", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) { @@ -1705,7 +1713,7 @@ int main (int argc, char **argv) /* * Start with a quick check to see if the user exists. */ - if (getpwnam (user_name)) { + if (getpwnam (user_name)) { /* local, no need for xgetpwnam */ fprintf (stderr, _("%s: user %s exists\n"), Prog, user_name); #ifdef WITH_AUDIT audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "adding user", @@ -1721,7 +1729,7 @@ int main (int argc, char **argv) * --bero */ if (!gflg) { - if (getgrnam (user_name)) { + if (getgrnam (user_name)) { /* local, no need for xgetgrnam */ fprintf (stderr, _ ("%s: group %s exists - if you want to add this user to that group, use -g.\n"), diff --git a/src/userdel.c b/src/userdel.c index 9abaa283..51b70dd3 100644 --- a/src/userdel.c +++ b/src/userdel.c @@ -179,7 +179,7 @@ static void update_groups (void) * now if they have a group with the same name as their * user name, with no members, we delete it. */ - grp = getgrnam (user_name); + grp = xgetgrnam (user_name); if (grp && getdef_bool ("USERGROUPS_ENAB") && (grp->gr_mem[0] == NULL)) { @@ -608,12 +608,10 @@ static void remove_mailbox (void) */ int main (int argc, char **argv) { - struct passwd *pwd; int errors = 0; #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -663,13 +661,19 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } - if (retval == PAM_SUCCESS) - retval = pam_start ("userdel", pampw->pw_name, &conv, &pamh); + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } + + if (retval == PAM_SUCCESS) { + retval = pam_start ("userdel", pampw->pw_name, + &conv, &pamh); + } + } if (retval == PAM_SUCCESS) { retval = pam_authenticate (pamh, 0); @@ -698,14 +702,20 @@ int main (int argc, char **argv) * Start with a quick check to see if the user exists. */ user_name = argv[argc - 1]; - if (!(pwd = getpwnam (user_name))) { - fprintf (stderr, _("%s: user %s does not exist\n"), - Prog, user_name); + { + struct passwd *pwd; + /* local, no need for xgetpwnam */ + if (!(pwd = getpwnam (user_name))) { + fprintf (stderr, _("%s: user %s does not exist\n"), + Prog, user_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, - "deleting user not found", user_name, -1, 0); + audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + "deleting user not found", user_name, -1, 0); #endif - exit (E_NOTFOUND); + exit (E_NOTFOUND); + } + user_id = pwd->pw_uid; + user_home = xstrdup (pwd->pw_dir); } #ifdef USE_NIS @@ -727,8 +737,6 @@ int main (int argc, char **argv) exit (E_NOTFOUND); } #endif - user_id = pwd->pw_uid; - user_home = xstrdup (pwd->pw_dir); /* * Check to make certain the user isn't logged in. */ @@ -755,6 +763,7 @@ int main (int argc, char **argv) #ifdef EXTRA_CHECK_HOME_DIR /* This may be slow, the above should be good enough. */ if (rflg && !fflg) { + struct passwd *pwd; /* * For safety, refuse to remove the home directory if it * would result in removing some other user's home diff --git a/src/usermod.c b/src/usermod.c index 074b3e37..2b3bc6d3 100644 --- a/src/usermod.c +++ b/src/usermod.c @@ -174,8 +174,8 @@ static struct group *getgr_nam_gid (const char *grname) val = strtol (grname, &errptr, 10); if (*grname != '\0' && *errptr == '\0' && errno != ERANGE && val >= 0) - return getgrgid (val); - return getgrnam (grname); + return xgetgrgid (val); + return xgetgrnam (grname); } /* @@ -805,26 +805,28 @@ static uid_t get_id (const char *uidstr) static void process_flags (int argc, char **argv) { const struct group *grp; - const struct passwd *pwd; - const struct spwd *spwd = NULL; int anyflag = 0; if (argc == 1 || argv[argc - 1][0] == '-') usage (); - if (!(pwd = getpwnam (argv[argc - 1]))) { - fprintf (stderr, _("%s: user %s does not exist\n"), - Prog, argv[argc - 1]); - exit (E_NOTFOUND); - } + { + const struct passwd *pwd; + /* local, no need for xgetpwnam */ + if (!(pwd = getpwnam (argv[argc - 1]))) { + fprintf (stderr, _("%s: user %s does not exist\n"), + Prog, argv[argc - 1]); + exit (E_NOTFOUND); + } - user_name = argv[argc - 1]; - user_id = pwd->pw_uid; - user_gid = pwd->pw_gid; - user_comment = xstrdup (pwd->pw_gecos); - user_home = xstrdup (pwd->pw_dir); - user_shell = xstrdup (pwd->pw_shell); + user_name = argv[argc - 1]; + user_id = pwd->pw_uid; + user_gid = pwd->pw_gid; + user_comment = xstrdup (pwd->pw_gecos); + user_home = xstrdup (pwd->pw_dir); + user_shell = xstrdup (pwd->pw_shell); + } #ifdef WITH_AUDIT user_newname = user_name; user_newid = user_id; @@ -854,13 +856,17 @@ static void process_flags (int argc, char **argv) } #endif - if (is_shadow_pwd && (spwd = getspnam (user_name))) { - user_expire = spwd->sp_expire; - user_inactive = spwd->sp_inact; + { + const struct spwd *spwd = NULL; + /* local, no need for xgetspnam */ + if (is_shadow_pwd && (spwd = getspnam (user_name))) { + user_expire = spwd->sp_expire; + user_inactive = spwd->sp_inact; #ifdef WITH_AUDIT - user_newexpire = user_expire; - user_newinactive = user_inactive; + user_newexpire = user_expire; + user_newinactive = user_inactive; #endif + } } { @@ -923,7 +929,7 @@ static void process_flags (int argc, char **argv) #ifdef WITH_AUDIT user_newexpire = strtoday (optarg); if (user_newexpire == -1) { -#else +#else /* } */ user_expire = strtoday (optarg); if (user_expire == -1) { #endif @@ -1082,11 +1088,13 @@ static void process_flags (int argc, char **argv) if (uflg && user_id == user_newid) uflg = oflg = 0; + /* local, no need for xgetpwnam */ if (lflg && getpwnam (user_newname)) { fprintf (stderr, _("%s: user %s exists\n"), Prog, user_newname); exit (E_NAME_IN_USE); } + /* local, no need for xgetpwuid */ if (uflg && !oflg && getpwuid (user_newid)) { fprintf (stderr, _("%s: uid %lu is not unique\n"), Prog, (unsigned long) user_newid); @@ -1211,9 +1219,6 @@ static void open_files (void) } #endif } - - - } /* @@ -1492,7 +1497,6 @@ int main (int argc, char **argv) { #ifdef USE_PAM pam_handle_t *pamh = NULL; - struct passwd *pampw; int retval; #endif @@ -1525,13 +1529,17 @@ int main (int argc, char **argv) #ifdef USE_PAM retval = PAM_SUCCESS; - pampw = getpwuid (getuid ()); - if (pampw == NULL) { - retval = PAM_USER_UNKNOWN; - } + { + struct passwd *pampw; + pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ + if (pampw == NULL) { + retval = PAM_USER_UNKNOWN; + } - if (retval == PAM_SUCCESS) { - retval = pam_start ("usermod", pampw->pw_name, &conv, &pamh); + if (retval == PAM_SUCCESS) { + retval = pam_start ("usermod", pampw->pw_name, + &conv, &pamh); + } } if (retval == PAM_SUCCESS) {