bin/90114: pw takes strings after option -g for GID 0
Björn König
bkoenig at cs.tu-berlin.de
Thu Dec 8 11:30:23 PST 2005
>Number: 90114
>Category: bin
>Synopsis: pw takes strings after option -g for GID 0
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Thu Dec 08 19:30:02 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Björn König
>Release: FreeBSD 6.0-RELEASE i386
>Organization:
>Environment:
>Description:
pw assumes the group with the ID 0 if you specify a string mistakenly
instead of a number in conjunction with option -g. This might be
problematic because it is possible that you delete the group 'wheel'
accidentally and silently.
This issue has been discovered by Mars G. Miro (marsgmiro at gmail.com)
>How-To-Repeat:
Back up your /etc/group. ;)
# pw groupshow -g wheel
wheel:*:0:root
# pw groupdel -g somestring
# pw groupshow -g wheel
pw: unknown group `wheel'
>Fix:
The patch below checks the error value returned by atoi and
aborts the current action if the user supplied an invalid GID.
Note that pw still accepts erroneous values in certain cases,
e.g. -g 0somestring.
--- pw-2005120801.diff begins here ---
--- src/usr.sbin/pw/pw_group.c.orig Sun Jan 11 19:28:08 2004
+++ src/usr.sbin/pw/pw_group.c Thu Dec 8 19:46:26 2005
@@ -93,8 +93,15 @@
a_name = NULL;
}
}
- grp = (a_name != NULL) ? GETGRNAM(a_name->val) : GETGRGID((gid_t) atoi(a_gid->val));
+ if (a_name != NULL)
+ grp = GETGRNAM(a_name->val);
+ else {
+ grp = GETGRGID((gid_t) atoi(a_gid->val));
+ if (errno == EINVAL)
+ errx(EX_DATAERR, "invalid group id `%s'", a_gid->val);
+ }
+
if (mode == M_UPDATE || mode == M_DELETE || mode == M_PRINT) {
if (a_name == NULL && grp == NULL) /* Try harder */
grp = GETGRGID(atoi(a_gid->val));
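Review bot: The `errno == EINVAL` test in the new else branch reads errno without clearing it beforehand, and it is evaluated only after GETGRGID() has also run. A stale EINVAL left by an earlier call would reject a valid -g argument. The check also depends on atoi() setting errno, which the C standard does not guarantee, so on a libc where it does not, a string still maps to GID 0. Setting errno = 0 immediately before the conversion is the minimum. Preferably, convert a_gid->val once with strtoul() and reject it when the end pointer does not land on '\0' or the value does not fit in gid_t. That also closes the `-g 0somestring` case mentioned in the Fix text. The parsed value can then be reused in the "Try harder" GETGRGID(atoi(a_gid->val)) call instead of converting the string a second time.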
--- pw-2005120801.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
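
The Fix text notes that an errno check after atoi still lets `-g 0somestring` through. The sketch below is an added example, not part of the original report or the FreeBSD source. It contrasts the atoi conversion with a strict strtoul-based parser, and the names legacy_gid and parse_gid are hypothetical.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>

/* What the unpatched code does: any non-numeric string becomes GID 0. */
static gid_t legacy_gid(const char *s)
{
    return (gid_t)atoi(s);
}

/*
 * Hypothetical strict parser: returns 0 and stores the GID on success,
 * -1 if s is empty, signed, has trailing characters, or is out of range.
 */
static int parse_gid(const char *s, gid_t *out)
{
    char *end;
    unsigned long v;

    /* strtoul() itself skips whitespace and accepts '+'/'-'; refuse both. */
    if (s == NULL || !isdigit((unsigned char)s[0]))
        return -1;
    errno = 0;                      /* so ERANGE below is from this call */
    v = strtoul(s, &end, 10);
    if (errno == ERANGE || *end != '\0')
        return -1;                  /* overflow, or "0somestring" */
    if ((unsigned long)(gid_t)v != v)
        return -1;                  /* does not fit in gid_t */
    *out = (gid_t)v;
    return 0;
}

int main(void)
{
    /* Constructed sample arguments, including the two from the report. */
    const char *args[] = { "0", "1001", "somestring", "0somestring", "-1", "" };
    size_t i;

    for (i = 0; i < sizeof(args) / sizeof(args[0]); i++) {
        gid_t g = 0;
        int rc = parse_gid(args[i], &g);
        printf("%-12s atoi -> %lu, strict -> %s\n", args[i],
            (unsigned long)legacy_gid(args[i]), rc == 0 ? "ok" : "rejected");
    }
    return 0;
}
```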