diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2015-11-24 22:03:34 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2015-11-24 22:03:34 +0000 |
| commit | a50c5c6d0278c1f74811d7af263f0a1da4572ef4 (patch) | |
| tree | d0e56de3e26b5f1fd044285e3c541d6769b1bd32 /lib | |
| parent | aa7d58417b2629d9f94ae2572e2f74542c3ea214 (diff) | |
Use reentrant versions of getpw{nam,uid} and getgr{nam,gid} within
libc to avoid reusing the static buffers returned by the non-reentrant
versions. Since this is inside libc we can use constants for the
buffer sizes instead of having to call sysconf().
OK guenther@ deraadt@
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libc/gen/auth_subr.3 | 23 | ||||
| -rw-r--r-- | lib/libc/gen/auth_subr.c | 14 | ||||
| -rw-r--r-- | lib/libc/gen/authenticate.3 | 34 | ||||
| -rw-r--r-- | lib/libc/gen/authenticate.c | 35 | ||||
| -rw-r--r-- | lib/libc/gen/getgrent.c | 4 | ||||
| -rw-r--r-- | lib/libc/gen/getpwent.c | 4 | ||||
| -rw-r--r-- | lib/libc/gen/glob.c | 14 | ||||
| -rw-r--r-- | lib/libc/gen/pwcache.c | 18 | ||||
| -rw-r--r-- | lib/libc/hidden/grp.h | 6 | ||||
| -rw-r--r-- | lib/libc/hidden/pwd.h | 6 | ||||
| -rw-r--r-- | lib/libc/net/rcmdsh.c | 9 | ||||
| -rw-r--r-- | lib/libc/net/ruserok.c | 8 |
12 files changed, 72 insertions, 103 deletions
diff --git a/lib/libc/gen/auth_subr.3 b/lib/libc/gen/auth_subr.3 index 5af21eb4b97..000386679e3 100644 --- a/lib/libc/gen/auth_subr.3 +++ b/lib/libc/gen/auth_subr.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: auth_subr.3,v 1.22 2015/11/10 23:48:18 jmc Exp $ +.\" $OpenBSD: auth_subr.3,v 1.23 2015/11/24 22:03:33 millert Exp $ .\" .\" Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved. .\" @@ -31,7 +31,7 @@ .\" SUCH DAMAGE. .\" .\" BSDI $From: auth_subr.3,v 2.5 2000/03/30 19:11:27 polk Exp $ -.Dd $Mdocdate: November 10 2015 $ +.Dd $Mdocdate: November 24 2015 $ .Dt AUTH_OPEN 3 .Os .Sh NAME @@ -540,22 +540,3 @@ or 0. .Xr login_cap 3 , .Xr pw_dup 3 , .Xr login.conf 5 -.Sh CAVEATS -The -.Fn auth_check_change -and -.Fn auth_check_expire -functions call -.Fn getpwnam -or -.Fn getpwuid , -overwriting the static storage used by the -.Xr getpwent 3 -family of routines. -The calling program must either make a local copy of the passwd struct -pointer via the -.Xr pw_dup 3 -function or use the -.Xr auth_setpwd 3 -function to copy the passwd struct into -.Fa as . diff --git a/lib/libc/gen/auth_subr.c b/lib/libc/gen/auth_subr.c index 4f133d5c46b..9fd6d442121 100644 --- a/lib/libc/gen/auth_subr.c +++ b/lib/libc/gen/auth_subr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth_subr.c,v 1.48 2015/11/02 17:03:29 mmcc Exp $ */ +/* $OpenBSD: auth_subr.c,v 1.49 2015/11/24 22:03:33 millert Exp $ */ /* * Copyright (c) 2000-2002,2004 Todd C. Miller <Todd.Miller@courtesan.com> @@ -616,7 +616,8 @@ DEF_WEAK(auth_setdata); int auth_setpwd(auth_session_t *as, struct passwd *pwd) { - char *instance; + struct passwd pwstore; + char *instance, pwbuf[_PW_BUF_LEN]; if (pwd == NULL && as->pwd == NULL && as->name == NULL) return (-1); /* true failure */ @@ -633,12 +634,15 @@ auth_setpwd(auth_session_t *as, struct passwd *pwd) */ if (as->name == NULL) return (0); - if ((pwd = getpwnam(as->name)) == NULL) { + getpwnam_r(as->name, &pwstore, pwbuf, sizeof(pwbuf), &pwd); + if (pwd == NULL) { instance = strchr(as->name, '/'); if (instance == NULL) return (as->pwd ? 0 : 1); - if (strcmp(instance, "/root") == 0) - pwd = getpwnam(instance + 1); + if (strcmp(instance, "/root") == 0) { + getpwnam_r(instance + 1, &pwstore, pwbuf, + sizeof(pwbuf), &pwd); + } if (pwd == NULL) return (as->pwd ? 0 : 1); } diff --git a/lib/libc/gen/authenticate.3 b/lib/libc/gen/authenticate.3 index d07b32f7b52..85064f38497 100644 --- a/lib/libc/gen/authenticate.3 +++ b/lib/libc/gen/authenticate.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: authenticate.3,v 1.16 2015/11/10 23:48:18 jmc Exp $ +.\" $OpenBSD: authenticate.3,v 1.17 2015/11/24 22:03:33 millert Exp $ .\" .\" Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved. .\" @@ -31,7 +31,7 @@ .\" SUCH DAMAGE. .\" .\" BSDI $From: authenticate.3,v 2.7 1998/09/03 20:27:20 prb Exp $ -.Dd $Mdocdate: November 10 2015 $ +.Dd $Mdocdate: November 24 2015 $ .Dt AUTH_APPROVAL 3 .Os .Sh NAME @@ -306,33 +306,3 @@ is returned if no memory was available for the new copy of the string. .Xr auth_subr 3 , .Xr getpwent 3 , .Xr pw_dup 3 -.Sh CAVEATS -The -.Fn auth_approval , -.Fn auth_usercheck , -.Fn auth_userokay , -and -.Fn auth_userchallenge -functions call -.Xr getpwnam 3 -or -.Xr getpwuid 3 , -overwriting the static storage used by the -.Xr getpwent 3 -family of routines. -The calling program must either make a local copy of the passwd struct -pointer via the -.Xr pw_dup 3 -function or, for -.Fn auth_approval -and -.Fn auth_usercheck -only, use the -.Xr auth_setpwd 3 -function to copy the passwd struct into a -.Bx -Authentication session structure -which can then be passed to -.Fn auth_approval -or -.Fn auth_usercheck . diff --git a/lib/libc/gen/authenticate.c b/lib/libc/gen/authenticate.c index 80ff4ebab1a..d62ef5a4975 100644 --- a/lib/libc/gen/authenticate.c +++ b/lib/libc/gen/authenticate.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authenticate.c,v 1.24 2015/09/14 16:09:13 tedu Exp $ */ +/* $OpenBSD: authenticate.c,v 1.25 2015/11/24 22:03:33 millert Exp $ */ /*- * Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved. @@ -177,8 +177,8 @@ int auth_approval(auth_session_t *as, login_cap_t *lc, char *name, char *type) { int close_on_exit, close_lc_on_exit, len; - struct passwd *pwd; - char *approve, *s, path[PATH_MAX]; + struct passwd pwstore, *pwd; + char *approve, *s, path[PATH_MAX], pwbuf[_PW_BUF_LEN]; pwd = NULL; close_on_exit = as == NULL; @@ -191,10 +191,12 @@ auth_approval(auth_session_t *as, login_cap_t *lc, char *name, char *type) pwd = auth_getpwd(as); if (pwd == NULL) { - if (name != NULL) - pwd = getpwnam(name); - else { - if ((pwd = getpwuid(getuid())) == NULL) { + if (name != NULL) { + getpwnam_r(name, &pwstore, pwbuf, sizeof(pwbuf), &pwd); + } else { + getpwuid_r(getuid(), &pwstore, pwbuf, sizeof(pwbuf), + &pwd); + if (pwd == NULL) { syslog(LOG_ERR, "no such user id %u", getuid()); warnx("cannot approve who we don't recognize"); return (0); @@ -216,7 +218,7 @@ auth_approval(auth_session_t *as, login_cap_t *lc, char *name, char *type) if (pwd == NULL && (approve = strchr(name, '.')) != NULL) { strlcpy(path, name, sizeof path); path[approve-name] = '\0'; - pwd = getpwnam(name); + getpwnam_r(name, &pwstore, pwbuf, sizeof(pwbuf), &pwd); } lc = login_getclass(pwd ? pwd->pw_class : NULL); if (lc == NULL) { @@ -307,9 +309,10 @@ auth_session_t * auth_usercheck(char *name, char *style, char *type, char *password) { char namebuf[LOGIN_NAME_MAX + 1 + NAME_MAX + 1]; + char pwbuf[_PW_BUF_LEN]; auth_session_t *as; login_cap_t *lc; - struct passwd *pwd; + struct passwd pwstore, *pwd = NULL; char *slash; if (strlcpy(namebuf, name, sizeof(namebuf)) >= sizeof(namebuf)) @@ -327,10 +330,11 @@ auth_usercheck(char *name, char *style, char *type, char *password) * the class so it is okay if we strip a /root instance * The actual login script will pay attention to the instance. */ - if ((pwd = getpwnam(name)) == NULL) { + getpwnam_r(name, &pwstore, pwbuf, sizeof(pwbuf), &pwd); + if (pwd == NULL) { if ((slash = strchr(name, '/')) != NULL) { *slash = '\0'; - pwd = getpwnam(name); + getpwnam_r(name, &pwstore, pwbuf, sizeof(pwbuf), &pwd); *slash = '/'; } } @@ -376,8 +380,8 @@ auth_userchallenge(char *name, char *style, char *type, char **challengep) char namebuf[LOGIN_NAME_MAX + 1 + NAME_MAX + 1]; auth_session_t *as; login_cap_t *lc; - struct passwd *pwd; - char *slash; + struct passwd pwstore, *pwd = NULL; + char *slash, pwbuf[_PW_BUF_LEN]; if (strlen(name) >= sizeof(namebuf)) return (NULL); @@ -395,10 +399,11 @@ auth_userchallenge(char *name, char *style, char *type, char **challengep) * the class so it is okay if we strip a /root instance * The actual login script will pay attention to the instance. */ - if ((pwd = getpwnam(name)) == NULL) { + getpwnam_r(name, &pwstore, pwbuf, sizeof(pwbuf), &pwd); + if (pwd == NULL) { if ((slash = strchr(name, '/')) != NULL) { *slash = '\0'; - pwd = getpwnam(name); + getpwnam_r(name, &pwstore, pwbuf, sizeof(pwbuf), &pwd); *slash = '/'; } } diff --git a/lib/libc/gen/getgrent.c b/lib/libc/gen/getgrent.c index e42fd57bc7d..624a9c06110 100644 --- a/lib/libc/gen/getgrent.c +++ b/lib/libc/gen/getgrent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: getgrent.c,v 1.44 2015/09/14 16:09:13 tedu Exp $ */ +/* $OpenBSD: getgrent.c,v 1.45 2015/11/24 22:03:33 millert Exp $ */ /* * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. @@ -170,7 +170,6 @@ getgrgid(gid_t gid) return getgrgid_gs(gid, p_gr, gs); } -DEF_WEAK(getgrgid); int getgrgid_r(gid_t gid, struct group *grp, char *buffer, size_t bufsize, @@ -191,6 +190,7 @@ getgrgid_r(gid_t gid, struct group *grp, char *buffer, size_t bufsize, errno = errnosave; return ret; } +DEF_WEAK(getgrgid_r); static int start_gr(void) diff --git a/lib/libc/gen/getpwent.c b/lib/libc/gen/getpwent.c index 05a9d724712..b09107b15d4 100644 --- a/lib/libc/gen/getpwent.c +++ b/lib/libc/gen/getpwent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: getpwent.c,v 1.57 2015/11/18 16:44:46 tedu Exp $ */ +/* $OpenBSD: getpwent.c,v 1.58 2015/11/24 22:03:33 millert Exp $ */ /* * Copyright (c) 2008 Theo de Raadt * Copyright (c) 1988, 1993 @@ -768,7 +768,6 @@ getpwnam(const char *name) } return (pw); } -DEF_WEAK(getpwnam); struct passwd * getpwnam_shadow(const char *name) @@ -854,7 +853,6 @@ getpwuid(uid_t uid) } return (pw); } -DEF_WEAK(getpwuid); struct passwd * getpwuid_shadow(uid_t uid) diff --git a/lib/libc/gen/glob.c b/lib/libc/gen/glob.c index 5d7037a2357..e098992f4b5 100644 --- a/lib/libc/gen/glob.c +++ b/lib/libc/gen/glob.c @@ -1,4 +1,4 @@ -/* $OpenBSD: glob.c,v 1.44 2015/09/14 16:09:13 tedu Exp $ */ +/* $OpenBSD: glob.c,v 1.45 2015/11/24 22:03:33 millert Exp $ */ /* * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. @@ -354,8 +354,8 @@ globexp2(const Char *ptr, const Char *pattern, glob_t *pglob, static const Char * globtilde(const Char *pattern, Char *patbuf, size_t patbuf_len, glob_t *pglob) { - struct passwd *pwd; - char *h; + struct passwd pwstore, *pwd = NULL; + char *h, pwbuf[_PW_BUF_LEN]; const Char *p; Char *b, *eb; @@ -381,7 +381,9 @@ globtilde(const Char *pattern, Char *patbuf, size_t patbuf_len, glob_t *pglob) * first and then trying the password file */ if (issetugid() != 0 || (h = getenv("HOME")) == NULL) { - if ((pwd = getpwuid(getuid())) == NULL) + getpwuid_r(getuid(), &pwstore, pwbuf, sizeof(pwbuf), + &pwd); + if (pwd == NULL) return pattern; else h = pwd->pw_dir; @@ -390,7 +392,9 @@ globtilde(const Char *pattern, Char *patbuf, size_t patbuf_len, glob_t *pglob) /* * Expand a ~user */ - if ((pwd = getpwnam((char*) patbuf)) == NULL) + getpwnam_r((char *)patbuf, &pwstore, pwbuf, sizeof(pwbuf), + &pwd); + if (pwd == NULL) return pattern; else h = pwd->pw_dir; diff --git a/lib/libc/gen/pwcache.c b/lib/libc/gen/pwcache.c index e65112447ba..f5cfea5c20f 100644 --- a/lib/libc/gen/pwcache.c +++ b/lib/libc/gen/pwcache.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pwcache.c,v 1.11 2015/11/17 17:49:09 tedu Exp $ */ +/* $OpenBSD: pwcache.c,v 1.12 2015/11/24 22:03:33 millert Exp $ */ /* * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. @@ -48,8 +48,8 @@ user_from_uid(uid_t uid, int nouser) short noname; char name[_PW_NAME_LEN + 1]; } c_uid[NLINES * NCACHE]; - static char nbuf[15]; /* 32 bits == 10 digits */ - struct passwd *pw; + char pwbuf[_PW_BUF_LEN]; + struct passwd pwstore, *pw; struct ncache *cp; unsigned int i; @@ -58,7 +58,9 @@ user_from_uid(uid_t uid, int nouser) if (!*cp->name) { fillit: cp->uid = uid; - if ((pw = getpwuid(uid)) == NULL) { + pw = NULL; + getpwuid_r(uid, &pwstore, pwbuf, sizeof(pwbuf), &pw); + if (pw == NULL) { snprintf(cp->name, sizeof(cp->name), "%u", uid); cp->noname = 1; } else { @@ -91,8 +93,8 @@ group_from_gid(gid_t gid, int nogroup) short noname; char name[_PW_NAME_LEN + 1]; } c_gid[NLINES * NCACHE]; - static char nbuf[15]; /* 32 bits == 10 digits */ - struct group *gr; + char grbuf[_PW_BUF_LEN]; + struct group grstore, *gr; struct ncache *cp; unsigned int i; @@ -101,7 +103,9 @@ group_from_gid(gid_t gid, int nogroup) if (!*cp->name) { fillit: cp->gid = gid; - if ((gr = getgrgid(gid)) == NULL) { + gr = NULL; + getgrgid_r(gid, &grstore, grbuf, sizeof(grbuf), &gr); + if (gr == NULL) { snprintf(cp->name, sizeof(cp->name), "%u", gid); cp->noname = 1; } else { diff --git a/lib/libc/hidden/grp.h b/lib/libc/hidden/grp.h index 8c6a3e1e0b3..587ea3e6e51 100644 --- a/lib/libc/hidden/grp.h +++ b/lib/libc/hidden/grp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: grp.h,v 1.1 2015/09/13 12:20:12 guenther Exp $ */ +/* $OpenBSD: grp.h,v 1.2 2015/11/24 22:03:33 millert Exp $ */ /* * Copyright (c) 2015 Philip Guenther <guenther@openbsd.org> * @@ -26,8 +26,8 @@ __END_HIDDEN_DECLS PROTO_NORMAL(endgrent); PROTO_DEPRECATED(getgrent); -PROTO_NORMAL(getgrgid); -PROTO_DEPRECATED(getgrgid_r); +PROTO_DEPRECATED(getgrgid); +PROTO_NORMAL(getgrgid_r); PROTO_DEPRECATED(getgrnam); PROTO_DEPRECATED(getgrnam_r); PROTO_DEPRECATED(group_from_gid); diff --git a/lib/libc/hidden/pwd.h b/lib/libc/hidden/pwd.h index 52e3ac1e9e0..b4e0dad9ca5 100644 --- a/lib/libc/hidden/pwd.h +++ b/lib/libc/hidden/pwd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pwd.h,v 1.2 2015/11/18 16:44:46 tedu Exp $ */ +/* $OpenBSD: pwd.h,v 1.3 2015/11/24 22:03:33 millert Exp $ */ /* * Copyright (c) 2015 Philip Guenther <guenther@openbsd.org> * @@ -31,10 +31,10 @@ PROTO_DEPRECATED(bcrypt_gensalt); PROTO_NORMAL(bcrypt_newhash); PROTO_DEPRECATED(endpwent); PROTO_DEPRECATED(getpwent); -PROTO_NORMAL(getpwnam); +PROTO_DEPRECATED(getpwnam); PROTO_NORMAL(getpwnam_r); PROTO_NORMAL(getpwnam_shadow); -PROTO_NORMAL(getpwuid); +PROTO_DEPRECATED(getpwuid); PROTO_NORMAL(getpwuid_r); PROTO_NORMAL(getpwuid_shadow); PROTO_NORMAL(pw_dup); diff --git a/lib/libc/net/rcmdsh.c b/lib/libc/net/rcmdsh.c index 5d468ff4c44..14275d414a4 100644 --- a/lib/libc/net/rcmdsh.c +++ b/lib/libc/net/rcmdsh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rcmdsh.c,v 1.17 2015/11/01 03:45:29 guenther Exp $ */ +/* $OpenBSD: rcmdsh.c,v 1.18 2015/11/24 22:03:33 millert Exp $ */ /* * Copyright (c) 2001, MagniComp @@ -58,15 +58,16 @@ rcmdsh(char **ahost, int rport, const char *locuser, const char *remuser, struct hostent *hp; int sp[2]; pid_t cpid; - char *p; - struct passwd *pw; + char *p, pwbuf[_PW_BUF_LEN]; + struct passwd pwstore, *pw = NULL; /* What rsh/shell to use. */ if (rshprog == NULL) rshprog = _PATH_RSH; /* locuser must exist on this host. */ - if ((pw = getpwnam(locuser)) == NULL) { + getpwnam_r(locuser, &pwstore, pwbuf, sizeof(pwbuf), &pw); + if (pw == NULL) { (void) fprintf(stderr, "rcmdsh: unknown user: %s\n", locuser); return(-1); } diff --git a/lib/libc/net/ruserok.c b/lib/libc/net/ruserok.c index 88c89ac40fa..7dda9550a8f 100644 --- a/lib/libc/net/ruserok.c +++ b/lib/libc/net/ruserok.c @@ -111,11 +111,11 @@ iruserok_sa(const void *raddr, int rlen, int superuser, const char *ruser, struct sockaddr *sa; char *cp; struct stat sbuf; - struct passwd *pwd; + struct passwd pwstore, *pwd; FILE *hostf; uid_t uid; int first; - char pbuf[PATH_MAX]; + char pbuf[PATH_MAX], pwbuf[_PW_BUF_LEN]; sa = (struct sockaddr *)raddr; first = 1; @@ -132,7 +132,9 @@ again: int len; first = 0; - if ((pwd = getpwnam(luser)) == NULL) + pwd = NULL; + getpwnam_r(luser, &pwstore, pwbuf, sizeof(pwbuf), &pwd); + if (pwd == NULL) return (-1); len = snprintf(pbuf, sizeof pbuf, "%s/.rhosts", pwd->pw_dir); if (len < 0 || len >= sizeof pbuf) |