busybox/coreutils/id.c

111 lines
2.6 KiB
C
Raw Normal View History

/* vi: set sw=4 ts=4: */
/*
* Mini id implementation for busybox
*
* Copyright (C) 2000 by Randolph Chung <tausq@debian.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
*/
2003-03-19 14:43:01 +05:30
/* BB_AUDIT SUSv3 _NOT_ compliant -- option -G is not currently supported. */
#include "busybox.h"
#include <stdio.h>
#include <unistd.h>
2000-07-20 05:33:38 +05:30
#include <getopt.h>
#include <string.h>
#include <sys/types.h>
#ifdef CONFIG_SELINUX
#include <proc_secure.h>
#include <flask_util.h>
#endif
#define JUST_USER 1
#define JUST_GROUP 2
2003-03-19 14:43:01 +05:30
#define PRINT_REAL 4
#define NAME_NOT_NUMBER 8
extern int id_main(int argc, char **argv)
{
Tito writes: Hi, I've spent the half night staring at the devilish my_getpwuid and my_getgrgid functions trying to find out a way to avoid actual and future potential buffer overflow problems without breaking existing code. Finally I've found a not intrusive way to do this that surely doesn't break existing code and fixes a couple of problems too. The attached patch: 1) changes the behaviour of my_getpwuid and my_getgrgid to avoid potetntial buffer overflows 2) fixes all occurences of this function calls in tar.c , id.c , ls.c, whoami.c, logger.c, libbb.h. 3) The behaviour of tar, ls and logger is unchanged. 4) The behavior of ps with somewhat longer usernames messing up output is fixed. 5) The only bigger change was the increasing of size of the buffers in id.c to avoid false negatives (unknown user: xxxxxx) with usernames longer than 8 chars. The value i used ( 32 chars ) was taken from the tar header ( see gname and uname). Maybe this buffers can be reduced a bit ( to 16 or whatever ), this is up to you. 6) The increase of size of the binary is not so dramatic: size busybox text data bss dec hex filename 239568 2300 36816 278684 4409c busybox size busybox_fixed text data bss dec hex filename 239616 2300 36816 278732 440cc busybox 7) The behaviour of whoami changed: actually it prints out an username cut down to the size of the buffer. This could be fixed by increasing the size of the buffer as in id.c or avoid the use of my_getpwuid and use getpwuid directly instead. Maybe this colud be also remain unchanged...... Please apply if you think it is ok to do so. The diff applies on today's cvs tarball (2004-08-25). Thanks in advance, Ciao, Tito
2004-08-27 03:48:59 +05:30
char user[32], group[32];
long pwnam, grnam;
2003-03-19 14:43:01 +05:30
int uid, gid;
int flags;
#ifdef CONFIG_SELINUX
int is_flask_enabled_flag = is_flask_enabled();
#endif
2003-03-19 14:43:01 +05:30
flags = bb_getopt_ulflags(argc, argv, "ugrn");
if (((flags & (JUST_USER | JUST_GROUP)) == (JUST_USER | JUST_GROUP))
2003-03-19 14:43:01 +05:30
|| (argc > optind + 1)
) {
bb_show_usage();
}
if (argv[optind] == NULL) {
2003-03-19 14:43:01 +05:30
if (flags & PRINT_REAL) {
uid = getuid();
gid = getgid();
} else {
2003-03-19 14:43:01 +05:30
uid = geteuid();
gid = getegid();
}
Tito writes: Hi, I've spent the half night staring at the devilish my_getpwuid and my_getgrgid functions trying to find out a way to avoid actual and future potential buffer overflow problems without breaking existing code. Finally I've found a not intrusive way to do this that surely doesn't break existing code and fixes a couple of problems too. The attached patch: 1) changes the behaviour of my_getpwuid and my_getgrgid to avoid potetntial buffer overflows 2) fixes all occurences of this function calls in tar.c , id.c , ls.c, whoami.c, logger.c, libbb.h. 3) The behaviour of tar, ls and logger is unchanged. 4) The behavior of ps with somewhat longer usernames messing up output is fixed. 5) The only bigger change was the increasing of size of the buffers in id.c to avoid false negatives (unknown user: xxxxxx) with usernames longer than 8 chars. The value i used ( 32 chars ) was taken from the tar header ( see gname and uname). Maybe this buffers can be reduced a bit ( to 16 or whatever ), this is up to you. 6) The increase of size of the binary is not so dramatic: size busybox text data bss dec hex filename 239568 2300 36816 278684 4409c busybox size busybox_fixed text data bss dec hex filename 239616 2300 36816 278732 440cc busybox 7) The behaviour of whoami changed: actually it prints out an username cut down to the size of the buffer. This could be fixed by increasing the size of the buffer as in id.c or avoid the use of my_getpwuid and use getpwuid directly instead. Maybe this colud be also remain unchanged...... Please apply if you think it is ok to do so. The diff applies on today's cvs tarball (2004-08-25). Thanks in advance, Ciao, Tito
2004-08-27 03:48:59 +05:30
my_getpwuid(user, uid, sizeof(user));
} else {
safe_strncpy(user, argv[optind], sizeof(user));
gid = my_getpwnamegid(user);
}
Tito writes: Hi, I've spent the half night staring at the devilish my_getpwuid and my_getgrgid functions trying to find out a way to avoid actual and future potential buffer overflow problems without breaking existing code. Finally I've found a not intrusive way to do this that surely doesn't break existing code and fixes a couple of problems too. The attached patch: 1) changes the behaviour of my_getpwuid and my_getgrgid to avoid potetntial buffer overflows 2) fixes all occurences of this function calls in tar.c , id.c , ls.c, whoami.c, logger.c, libbb.h. 3) The behaviour of tar, ls and logger is unchanged. 4) The behavior of ps with somewhat longer usernames messing up output is fixed. 5) The only bigger change was the increasing of size of the buffers in id.c to avoid false negatives (unknown user: xxxxxx) with usernames longer than 8 chars. The value i used ( 32 chars ) was taken from the tar header ( see gname and uname). Maybe this buffers can be reduced a bit ( to 16 or whatever ), this is up to you. 6) The increase of size of the binary is not so dramatic: size busybox text data bss dec hex filename 239568 2300 36816 278684 4409c busybox size busybox_fixed text data bss dec hex filename 239616 2300 36816 278732 440cc busybox 7) The behaviour of whoami changed: actually it prints out an username cut down to the size of the buffer. This could be fixed by increasing the size of the buffer as in id.c or avoid the use of my_getpwuid and use getpwuid directly instead. Maybe this colud be also remain unchanged...... Please apply if you think it is ok to do so. The diff applies on today's cvs tarball (2004-08-25). Thanks in advance, Ciao, Tito
2004-08-27 03:48:59 +05:30
my_getgrgid(group, gid, sizeof(group));
pwnam=my_getpwnam(user);
grnam=my_getgrnam(group);
if (flags & (JUST_GROUP | JUST_USER)) {
2003-03-19 14:43:01 +05:30
char *s = group;
if (flags & JUST_USER) {
2003-03-19 14:43:01 +05:30
s = user;
grnam = pwnam;
}
if (flags & NAME_NOT_NUMBER) {
puts(s);
} else {
printf("%ld\n", grnam);
2003-03-19 14:43:01 +05:30
}
} else {
#ifdef CONFIG_SELINUX
printf("uid=%ld(%s) gid=%ld(%s)", pwnam, user, grnam, group);
if(is_flask_enabled_flag)
{
security_id_t mysid = getsecsid();
char context[80];
int len = sizeof(context);
context[0] = '\0';
if(security_sid_to_context(mysid, context, &len))
strcpy(context, "unknown");
printf(" context=%s\n", context);
}
else
printf("\n");
#else
printf("uid=%ld(%s) gid=%ld(%s)\n", pwnam, user, grnam, group);
#endif
}
2003-03-19 14:43:01 +05:30
bb_fflush_stdout_and_exit(0);
}