VesperOS/shadow
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
89d26e03dbe8d221d2390313801ac0cda722532d
shadow/lib/chkname.c
Tobias Stoeckmann bc0151d4d3 lib/chkname.c: Take NUL byte into account 
The _SC_LOGIN_NAME_MAX value includes space for the NUL byte.  The
length of name must smaller than this value to be valid.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Cherry-picked-from: 403a2e3771 ("lib/chkname.c: Take NUL byte into account")
Link: <https://github.com/shadow-maint/shadow/pull/935>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
2024-02-05 00:46:30 +01:00

103 lines
2.2 KiB
C
Raw Blame History

/*
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
* SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko
* SPDX-FileCopyrightText: 2005 - 2008, Nicolas François
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*
* is_valid_user_name(), is_valid_group_name() - check the new user/group
* name for validity;
* return values:
* true - OK
* false - bad name
*/
#include <config.h>
#ident "$Id$"
#include <ctype.h>
#include "defines.h"
#include "chkname.h"
int allow_bad_names = false;
static bool is_valid_name (const char *name)
{
if (allow_bad_names) {
return true;
}
/*
* User/group names must match gnu e-regex:
* [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
*
* as a non-POSIX, extension, allow "$" as the last char for
* sake of Samba 3.x "add machine script"
*
* Also do not allow fully numeric names or just "." or "..".
*/
int numeric;
if ('\0' == *name ||
('.' == *name && (('.' == name[1] && '\0' == name[2]) ||
'\0' == name[1])) ||
!((*name >= 'a' && *name <= 'z') ||
(*name >= 'A' && *name <= 'Z') ||
(*name >= '0' && *name <= '9') ||
*name == '_' ||
*name == '.')) {
return false;
}
numeric = isdigit(*name);
while ('\0' != *++name) {
if (!((*name >= 'a' && *name <= 'z') ||
(*name >= 'A' && *name <= 'Z') ||
(*name >= '0' && *name <= '9') ||
*name == '_' ||
*name == '.' ||
*name == '-' ||
(*name == '$' && name[1] == '\0')
)) {
return false;
}
numeric &= isdigit(*name);
}
return !numeric;
}
bool is_valid_user_name (const char *name)
{
size_t maxlen;
/*
* User names length are limited by the kernel
*/
maxlen = sysconf(_SC_LOGIN_NAME_MAX);
if (strlen(name) >= maxlen)
return false;
return is_valid_name (name);
}
bool is_valid_group_name (const char *name)
{
/*
* Arbitrary limit for group names.
* HP-UX 10 limits to 16 characters
*/
if ( (GROUP_NAME_MAX_LENGTH > 0)
&& (strlen (name) > GROUP_NAME_MAX_LENGTH)) {
return false;
}
return is_valid_name (name);
}
Reference in New Issue View Git Blame Copy Permalink