bin/149972: pw(8): usermod -u <non-numeric> should error
Ilya Bakulin
webmaster at kibab.com
Sat Oct 9 22:40:05 UTC 2010
The following reply was made to PR bin/149972; it has been noted by GNATS.
From: Ilya Bakulin <webmaster at kibab.com>
To: bug-followup at FreeBSD.org, jschauma at netmeister.org
Cc: gavin at FreeBSD.org
Subject: Re: bin/149972: pw(8): usermod -u <non-numeric> should error
Date: Sun, 10 Oct 2010 00:36:27 +0200
--MP_/DYFS_+in8U_jcKIbTLh57db
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Fixed. Now pw(1) will exit with error if supplied with non-numeric ID.
Generated at: EuroBSDCon-2010 hackers lounge by gpf@, kibab@, bcr@
--MP_/DYFS_+in8U_jcKIbTLh57db
Content-Type: text/x-patch
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename=pw_current.diff
Index: pw_user.c
===================================================================
--- pw_user.c (revision 213663)
+++ pw_user.c (working copy)
@@ -468,13 +468,22 @@
edited = 1;
}
- if ((arg = getarg(args, 'u')) != NULL && isdigit((unsigned char)*arg->val)) {
+ if ((arg = getarg(args, 'u')) != NULL) {
+ if(isdigit((unsigned char)*arg->val)) {
pwd->pw_uid = (uid_t) atol(arg->val);
edited = 1;
if (pwd->pw_uid != 0 && strcmp(pwd->pw_name, "root") == 0)
errx(EX_DATAERR, "can't change uid of `root' account");
if (pwd->pw_uid == 0 && strcmp(pwd->pw_name, "root") != 0)
warnx("WARNING: account `%s' will have a uid of 0 (superuser access!)", pwd->pw_name);
+ } else {
+ /* Found something, but not a number */
+ /*
+ * XXX Shouldn't we try to map the passed string to the username?
+ * man page however says that we're expecting numeric uid...
+ */
+ errx(EX_DATAERR, "Expected numeric user id as an argument to -u\n");
+ }
}
if ((arg = getarg(args, 'g')) != NULL && pwd->pw_uid != 0) { /* Already checked this */
--MP_/DYFS_+in8U_jcKIbTLh57db--
More information about the freebsd-bugs
mailing list