VesperOS/shadow
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,686 Commits 10 Branches 149 Tags
cd8a8da7dea1c015f6f1ce247b7bd5c14cfadc0f
Commit Graph

870 Commits

Author SHA1 Message Date
Alejandro Colomar
6266a916c2 lib/loginprompt.c: login_prompt(): Use strtcpy() instead of its pattern 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-10-30 21:52:21 -05:00
Alejandro Colomar
3daf3f0cc4 lib/getdef.c: Remove dead code 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-10-30 21:15:30 -05:00
Alejandro Colomar
0589cbc135 lib/fields.c: Remove dead code 
A few lines above, we've removed the '\n' already.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-10-30 21:15:30 -05:00
Alejandro Colomar
afc4b574b7 lib/alloc/realloc*.h: Always reallocate at least 1 byte 
glibc's realloc(3) is broken.  It was originally good (I believe) until
at some point, when it was changed to conform to C89, which had a bogus
specification that required that it returns NULL.  C99 fixed the mistake
from C89, and so glibc's realloc(3) is non-conforming to
C99/C11/POSIX.1-2008.  C17 broke again the definition of realloc(3).

Link: <https://github.com/shadow-maint/shadow/pull/1095>
Link: <https://nabijaczleweli.xyz/content/blogn_t/017-malloc0.html>
Link: <https://inbox.sourceware.org/libc-alpha/5gclfbrxfd7446gtwd2x2gfuquy7ukjdbrndphyfmfszxlft76@wwjz7spd4vd7/T/#t>
Co-developed-by: наб <nabijaczleweli@nabijaczleweli.xyz>
Signed-off-by: наб <nabijaczleweli@nabijaczleweli.xyz>
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Acked-by: Paul Eggert <eggert@cs.ucla.edu>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-10-22 10:53:06 +02:00
Alejandro Colomar
12aa29b576 lib/alloc/realloc*.h: Rename macro parameter 
This is in preparation for the following commit, which will need this
shorter parameter name to avoid breaking long lines.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-10-22 10:53:06 +02:00
Alejandro Colomar
276f3fde26 lib/gshadow.c: endsgent(): Remove dead assignment 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-10-13 20:40:02 -05:00
Alejandro Colomar
02d4af7f6f lib/port.c: portcmp(): Use strcmp(3) instead of its pattern 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-10-13 20:40:02 -05:00
Alejandro Colomar
f45adadd28 lib/, src/: Use stpspn() instead of its pattern 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-10-13 20:40:02 -05:00
Tobias Stoeckmann
e6a5484ced lib: Eliminate dead code 
The tz function is only called if ENV_TZ starts with a slash.

If the specified file cannot be read, the code implies that ENV_TZ
would be returned if it does not start with a slash.

Since we know that it DOES start with a slash, the code can be
simplified to state that "TZ=CST6CDT" is returned as a default if
the specified file cannot be read.

Benefit of this change is that strcpy's use case here can be
easier verified.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
 2024-09-29 12:23:05 +02:00
Tobias Stoeckmann
dd6cddd481 lib/run_part: Adjust style 
Remove some of these whitespaces.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
 2024-09-18 14:52:05 +02:00
Tobias Stoeckmann
76c97ed7ec lib/run_part: Unify error messages 
At least if they can be assigned directly to a function call.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
 2024-09-18 14:52:05 +02:00
Tobias Stoeckmann
62bd261fbe lib: Fix typo 
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
 2024-09-18 14:52:05 +02:00
Tobias Stoeckmann
6b4487e173 lib/run_part: Reduce visibility 
The run_part function is only used in run_part.c itself, so no
need to expose it to other files.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
 2024-09-18 14:52:05 +02:00
Tobias Stoeckmann
db395130d1 lib/run_part: Unify logging 
Use shadow_logfd for logging instead of fixed stderr to use
shadow's own logging infrastructure.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
 2024-09-18 14:52:05 +02:00
Tobias Stoeckmann
3ac50e1d02 lib/run_part: Use correct data types 
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
 2024-09-18 14:52:05 +02:00
Tobias Stoeckmann
81078c57fb Fix typos 
Typos in comments and configure output, i.e. no functional change.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
 2024-09-13 22:27:08 +02:00
Pino Toscano
b2b37863a6 lib/user_busy.c: Include <utmpx.h> 
Since:
- utmpx APIs are used in non-Linux code blocks
- <utmpx.h> is already unconditionally included in Linux parts in other
  files
then unconditionally include it in this file as well.

Signed-off-by: Pino Toscano <toscano.pino@tiscali.it>
 2024-09-12 11:43:39 +02:00
Alejandro Colomar
1c127bd173 lib/chkname.c: is_valid_{user,group}_name(): Set errno to distinguish the reasons 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-09-01 08:17:11 -05:00
Alejandro Colomar
f5806e0511 lib/: Chain free(strzero(s)) 
This reduces the repetition of the argument, which could be error-prone.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-08-30 21:44:07 -05:00
Alejandro Colomar
dab8de8a72 lib/string/memset/: memzero(), strzero(): Return the pointer 
This allows chaining with free(3) on the same line.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-08-30 21:44:07 -05:00
Alejandro Colomar
87a5145719 lib/: Move memzero.[ch] under lib/string/memset/ 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-08-30 21:44:07 -05:00
Alejandro Colomar
3dc840a56a lib/string/strftime.h: STRFTIME(): Tighten macro definition 
strftime(3) is not a variadic function; there's exactly one argument
after the format string.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-08-22 22:51:57 -05:00
Alejandro Colomar
683b3caa62 lib/, src/: Use %F instead of %Y-%m-%d with strftime(3) 
%F is specified by ISO C99.  It adds semantic meaning as printing an
ISO 8601 date.

Scripted change:

	$ cat ~/tmp/spatch/strftime_F.sp
	@@
	@@

	- "%Y-%m-%d"
	+ "%F"
	$ find contrib/ lib* src/ -type f \
	| xargs spatch --sp-file ~/tmp/spatch/strftime_F.sp --in-place

Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-08-22 22:51:57 -05:00
Alejandro Colomar
3f5b4b5626 lib/, src/: Use local time for human-readable dates 
That is, use localtime_r(3) instead of gmtime_r(3).

Closes: <https://github.com/shadow-maint/shadow/issues/1057>
Reported-by: Gus Kenion <https://github.com/kenion>
Cc: Serge Hallyn <serge@hallyn.com>
Cc: Paul Eggert <eggert@cs.ucla.edu>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-08-01 10:12:44 +02:00
Alejandro Colomar
8a93576ff9 lib/chkname.c: An object cannot expand further than the universe in which it resides 
If you want a larger object, you'll have to wait at least until the
universe expands so much.

If an implementation doesn't recognize its own limitations, its a bug,
not a feature.

Closes: <https://github.com/shadow-maint/shadow/issues/1052>
Cc: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-15 15:01:11 +02:00
Alejandro Colomar
63297e836d lib/atoi/strtoi/, tests/: strto[iu]_(): 1 is an invalid base 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-11 22:42:58 -05:00
Alejandro Colomar
745281f295 lib/atoi/, *: Split files 2024-07-11 22:42:58 -05:00
Alejandro Colomar
b73c78581c lib/idmapping.c: get_map_ranges(): Don't exit() from a library function 
Fixes: ff2baed5db ("idmapping: add more checks for overflow")
Link: <ff2baed5db (r136635300)>
Reported-by: Alejandro Colomar <alx@kernel.org>
Suggested-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-11 22:42:58 -05:00
Alejandro Colomar
c46c6a6e5a lib/idmapping.c: get_map_ranges(): Simplify iterator variables 
Merge two iterator variables into one, and reduce its scope.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-11 22:42:58 -05:00
Alejandro Colomar
a184c2b555 lib/idmapping.c: get_map_ranges(): Remove dead code 
This test is impossible.  The limits specified in a2ul() already cover
this.

Link: <ff2baed5db (r136635300)>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-11 22:42:58 -05:00
Alejandro Colomar
7c43eb2c4e lib/idmapping.c: get_map_ranges(): Move range check to a2ul() call 
Link: <ff2baed5db (r136635300)>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-11 22:42:58 -05:00
Alejandro Colomar
57aa813c73 lib/idmapping.c: get_map_ranges(): Move range check to a2ul() call 
Link: <ff2baed5db (r136635300)>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-11 22:42:58 -05:00
Alejandro Colomar
5586f43d48 lib/idmapping.c: get_map_ranges(): Move range check to a2ul() calls 
Link: <ff2baed5db (r136635300)>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-11 22:42:58 -05:00
Alejandro Colomar
f89925c219 lib/idmapping.c: get_map_ranges(): Rename local variable 
For a pointer iterator used often, a single-letter identifier is more
appropriate.  That reduces the length of lines considerably, avoiding
unnecessary line breaks.  And since we initialize it with

	m = mappings;

it's clear what it is.

Link: <ff2baed5db (r136635300)>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-11 22:42:58 -05:00
Alejandro Colomar
c2ebd210e7 lib/limits.c: check_logins(): Report LOGIN_ERROR_LOGIN if str2ul() ERANGE 
Fixes: 10396f9536 ("* libmisc/limits.c: Parse the limits, umask, nice, maxlogin, file limit with getlog() / getulong().")
Link: <882cf59459>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-11 22:42:58 -05:00
Alejandro Colomar
d95b899bfc lib/nss.c: nss_init(): Use stpsep() instead of strtok_r(3) 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-08 20:25:01 -05:00
Alejandro Colomar
64409c28b7 lib/string/strchr/stpcspn.[ch]: stpcspn(): Remove unused function 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-08 20:25:01 -05:00
Alejandro Colomar
a33d7430ed lib/attr.h: ATTR_STRING(): It only accepts one argument 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-08 20:25:01 -05:00
Alejandro Colomar
d91b22cc2f lib/, src/: Use stpsep() instead of its pattern 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-08 20:25:01 -05:00
Alejandro Colomar
39da15614e lib/string/strtok/stpsep.[ch]: stpsep(): Add function 
This function is somewhat simpler to use than strsep(3) in some cases.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-08 20:25:01 -05:00
Chris Hofstaedtler
843c151f2c lib/find_new_[gu]id.c: include stdint.h for UINT16_MAX/UINT32_MAX 
Signed-off-by: Chris Hofstaedtler <zeha@debian.org>
 2024-07-08 01:19:49 +02:00
Alejandro Colomar
cee79c215a lib/port.c: getportent(): Use strsep(3) instead of its pattern 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-06 07:44:02 -05:00
Alejandro Colomar
882db57f24 lib/port.c: getportent(): Align variables 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-06 07:44:02 -05:00
Alejandro Colomar
b4b4ff633a lib/port.c: getttyuser(): Use pointer arithmetic to simplify 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-06 07:44:02 -05:00
Alejandro Colomar
d9d0117e80 lib/port.c: getportent(): Use equivalent code to parse equally-formatted fields 
The tty names field and the user names field have the same formatting:
a CSV terminated by a ':'.  Thus, we can --and should-- use the same
exact code for parsing both.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-06 07:44:02 -05:00
Alejandro Colomar
a198054456 lib/port.c: getportent(): Make sure the aren't too many fields in the CSV 
Otherwise, the line is invalidly formatted, and we ignore it.

Detailed explanation:

There are two conditions on which we break out of the loops that precede
these added checks:

-  j is too big (we've exhausted the space in the static arrays)

	$ grep -r -e PORT_TTY -e PORT_IDS lib/port.*
	lib/port.c:	static char *ttys[PORT_TTY + 1];	/* some pointers to tty names     */
	lib/port.c:	static char *users[PORT_IDS + 1];	/* some pointers to user ids     */
	lib/port.c:	for (cp = buf, j = 0; j < PORT_TTY; j++) {
	lib/port.c:			if ((',' == *cp) && (j < PORT_IDS)) {
	lib/port.h: * PORT_IDS - Allowable number of IDs per entry.
	lib/port.h: * PORT_TTY - Allowable number of TTYs per entry.
	lib/port.h:#define	PORT_IDS	64
	lib/port.h:#define	PORT_TTY	64

-  strpbrk(3) found a ':', which signals the end of the comma-sepatated
   list, and the start of the next colon-separated field.

If the first character in the remainder of the string is not a ':', it
means we've exhausted the array size, but the CSV list was longer, so
we'd be truncating it.  Consider the entire line invalid, and skip it.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-06 07:44:02 -05:00
Alejandro Colomar
c3f97e251e lib/port.c: getportent(): Make sure there are at least 2 ':' in the line 
Otherwise, the line is invalidly formatted, and we ignore it.

Closes: <https://github.com/shadow-maint/shadow/issues/1036>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-06 07:44:02 -05:00
Alejandro Colomar
f1f82c2105 lib/port.c: getportent(): Remove obvious comments 
And do some style changes on the corresponding code.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-06 07:44:02 -05:00
Alejandro Colomar
e790993c5d lib/port.c: getportent(): Rename goto label 
This label means we detected a bogus line, and want to skip it and jump
to the next one; rename it accordingly.  'again' seemed to say that it
was somehow looping on the same line.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-06 07:44:02 -05:00
Alejandro Colomar
bf84b3a855 lib/port.c: getttyuser(): Use goto to break out of nested loops 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-07-06 07:44:02 -05:00