summaryrefslogtreecommitdiff
path: root/usr.bin
diff options
context:
space:
mode:
authorDamien Miller <djm@cvs.openbsd.org>2022-01-08 07:32:46 +0000
committerDamien Miller <djm@cvs.openbsd.org>2022-01-08 07:32:46 +0000
commit51d0189a9719fa1adaac24636bb9a2c843d8e00d (patch)
tree0c67f626eb226d2aa7c6221e0556f05a0469ee8a /usr.bin
parent60975da5b54e2eaa52daf887fa33041906198a80 (diff)
refactor tilde_expand_filename() and make it handle ~user paths with no
trailing slash; feedback/ok markus and jsg
Diffstat (limited to 'usr.bin')
-rw-r--r--usr.bin/ssh/misc.c76
1 files changed, 46 insertions, 30 deletions
diff --git a/usr.bin/ssh/misc.c b/usr.bin/ssh/misc.c
index 62b6bb46bf2..239d77a29eb 100644
--- a/usr.bin/ssh/misc.c
+++ b/usr.bin/ssh/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.171 2021/11/13 21:14:13 deraadt Exp $ */
+/* $OpenBSD: misc.c,v 1.172 2022/01/08 07:32:45 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2005-2020 Damien Miller. All rights reserved.
@@ -1072,53 +1072,69 @@ freeargs(arglist *args)
int
tilde_expand(const char *filename, uid_t uid, char **retp)
{
- const char *path, *sep;
- char user[128], *ret;
+ char *ocopy = NULL, *copy, *s = NULL;
+ const char *path = NULL, *user = NULL;
struct passwd *pw;
- u_int len, slash;
+ size_t len;
+ int ret = -1, r, slash;
+ *retp = NULL;
if (*filename != '~') {
*retp = xstrdup(filename);
return 0;
}
- filename++;
+ ocopy = copy = xstrdup(filename + 1);
- path = strchr(filename, '/');
- if (path != NULL && path > filename) { /* ~user/path */
- slash = path - filename;
- if (slash > sizeof(user) - 1) {
- error_f("~username too long");
- return -1;
+ if (*copy == '\0') /* ~ */
+ path = NULL;
+ else if (*copy == '/') {
+ copy += strspn(copy, "/");
+ if (*copy == '\0')
+ path = NULL; /* ~/ */
+ else
+ path = copy; /* ~/path */
+ } else {
+ user = copy;
+ if ((path = strchr(copy, '/')) != NULL) {
+ copy[path - copy] = '\0';
+ path++;
+ path += strspn(path, "/");
+ if (*path == '\0') /* ~user/ */
+ path = NULL;
+ /* else ~user/path */
}
- memcpy(user, filename, slash);
- user[slash] = '\0';
+ /* else ~user */
+ }
+ if (user != NULL) {
if ((pw = getpwnam(user)) == NULL) {
error_f("No such user %s", user);
- return -1;
+ goto out;
}
- } else if ((pw = getpwuid(uid)) == NULL) { /* ~/path */
+ } else if ((pw = getpwuid(uid)) == NULL) {
error_f("No such uid %ld", (long)uid);
- return -1;
+ goto out;
}
/* Make sure directory has a trailing '/' */
- len = strlen(pw->pw_dir);
- if (len == 0 || pw->pw_dir[len - 1] != '/')
- sep = "/";
- else
- sep = "";
+ slash = (len = strlen(pw->pw_dir)) == 0 || pw->pw_dir[len - 1] != '/';
- /* Skip leading '/' from specified path */
- if (path != NULL)
- filename = path + 1;
-
- if (xasprintf(&ret, "%s%s%s", pw->pw_dir, sep, filename) >= PATH_MAX) {
+ if ((r = xasprintf(&s, "%s%s%s", pw->pw_dir,
+ slash ? "/" : "", path != NULL ? path : "")) <= 0) {
+ error_f("xasprintf failed");
+ goto out;
+ }
+ if (r >= PATH_MAX) {
error_f("Path too long");
- return -1;
+ goto out;
}
-
- *retp = ret;
- return 0;
+ /* success */
+ ret = 0;
+ *retp = s;
+ s = NULL;
+ out:
+ free(s);
+ free(ocopy);
+ return ret;
}
char *