220b352b70
- Since strncpy(3) is not designed to write strings, but rather
(null-padded) character sequences (a.k.a. unterminated strings), we
had to manually append a '\0'. strlcpy(3) creates strings, so they
are always terminated. This removes dependencies between lines, and
also removes chances of accidents.
- Repurposing strncpy(3) to create strings requires calculating the
location of the terminating null byte, which involves a '-1'
calculation. This is a source of off-by-one bugs. The new code has
no '-1' calculations, so there's almost-zero chance of these bugs.
- strlcpy(3) doesn't padd with null bytes. Padding is relevant when
writing fixed-width buffers to binary files, when interfacing certain
APIs (I believe utmpx requires null padding at lease in some
systems), or when sending them to other processes or through the
network. This is not the case, so padding is effectively ignored.
- strlcpy(3) requires that the input string is really a string;
otherwise it crashes (SIGSEGV). Let's check if the input strings are
really strings:
- lib/fields.c:
- 'cp' was assigned from 'newft', and 'newft' comes from fgets(3).
- lib/gshadow.c:
- strlen(string) is calculated a few lines above.
- libmisc/console.c:
- 'cons' comes from getdef_str, which is a bit cryptic, but seems
to generate strings, I guess.1
- libmisc/date_to_str.c:
- It receives a string literal. :)
- libmisc/utmp.c:
- 'tname' comes from ttyname(3), which returns a string.
- src/su.c:
- 'tmp_name' has been passed to strcmp(3) a few lines above.
Signed-off-by: Alejandro Colomar <alx@kernel.org>
|
||
|---|---|---|
| .builds | ||
| .github | ||
| contrib | ||
| doc | ||
| docs | ||
| etc | ||
| lib | ||
| libmisc | ||
| libsubid | ||
| man | ||
| po | ||
| src | ||
| tests | ||
| .gitignore | ||
| .travis.yml | ||
| acinclude.m4 | ||
| AUTHORS.md | ||
| autogen.sh | ||
| ChangeLog | ||
| configure.ac | ||
| COPYING | ||
| Makefile.am | ||
| NEWS | ||
| README | ||
| README.md | ||
| SECURITY.md | ||
| shadow.spec.in | ||
| TODO | ||
shadow-utils
Introduction
The shadow-utils package includes the necessary programs for converting UNIX password files to the shadow password format, plus programs for managing user and group accounts. The pwconv command converts passwords to the shadow password format. The pwunconv command unconverts shadow passwords and generates a passwd file (a standard UNIX password file). The pwck command checks the integrity of password and shadow files. The lastlog command prints out the last login times for all users. The useradd, userdel, and usermod commands are used for managing user accounts. The groupadd, groupdel, and groupmod commands are used for managing group accounts.
Sites
Contacts
There are several ways to contact us:
- the general discussion mailing list
- the #shadow IRC channel on libera.chat:
- irc://irc.libera.chat/shadow
Mailing archives
- the general discussion mailing list archive
- the commit mailing list archive, only used for historical purposes
Authors and maintainers
Authors and maintainers are listed in AUTHORS.md.