svn commit: r338950 - head/usr.sbin/chown

Bryan Drewery bdrewery at FreeBSD.org
Wed Sep 26 18:40:58 UTC 2018


Author: bdrewery
Date: Wed Sep 26 18:40:57 2018
New Revision: 338950
URL: https://svnweb.freebsd.org/changeset/base/338950

Log:
  Handle overflow of uid or gid in arguments for chown
  
  chown incorrectly allows a uid or gid greater than UID_MAX/GID_MAX respectively.
  Using such an argument rolls over to accounts such as root, operator, etc.
  
  Approved by:	re (gjb)
  Relnotes:	yes
  Reviewed by:	cem, kib
  Submitted by:	Don Morris <dgmorris at earthlink.net>
  Sponsored by:	Dell EMC
  Differential Revision:	https://reviews.freebsd.org/D15119

Modified:
  head/usr.sbin/chown/chown.c

Modified: head/usr.sbin/chown/chown.c
==============================================================================
--- head/usr.sbin/chown/chown.c	Wed Sep 26 17:12:30 2018	(r338949)
+++ head/usr.sbin/chown/chown.c	Wed Sep 26 18:40:57 2018	(r338950)
@@ -55,6 +55,7 @@ __FBSDID("$FreeBSD$");
 #include <libgen.h>
 #include <pwd.h>
 #include <signal.h>
+#include <stddef.h>
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -246,16 +247,13 @@ a_uid(const char *s)
 static uid_t
 id(const char *name, const char *type)
 {
-	uid_t val;
+	unsigned long val;
 	char *ep;
 
-	/*
-	 * XXX
-	 * We know that uid_t's and gid_t's are unsigned longs.
-	 */
 	errno = 0;
 	val = strtoul(name, &ep, 10);
-	if (errno || *ep != '\0')
+	_Static_assert(UID_MAX >= GID_MAX, "UID MAX less than GID MAX");
+	if (errno || *ep != '\0' || val > UID_MAX)
 		errx(1, "%s: illegal %s name", name, type);
 	return (val);
 }


More information about the svn-src-head mailing list