Commit Graph

18 Commits

Author SHA1 Message Date
220b352b70 Use strlcpy(3) instead of its pattern
-  Since strncpy(3) is not designed to write strings, but rather
   (null-padded) character sequences (a.k.a. unterminated strings), we
   had to manually append a '\0'.  strlcpy(3) creates strings, so they
   are always terminated.  This removes dependencies between lines, and
   also removes chances of accidents.

-  Repurposing strncpy(3) to create strings requires calculating the
   location of the terminating null byte, which involves a '-1'
   calculation.  This is a source of off-by-one bugs.  The new code has
   no '-1' calculations, so there's almost-zero chance of these bugs.

-  strlcpy(3) doesn't padd with null bytes.  Padding is relevant when
   writing fixed-width buffers to binary files, when interfacing certain
   APIs (I believe utmpx requires null padding at lease in some
   systems), or when sending them to other processes or through the
   network.  This is not the case, so padding is effectively ignored.

-  strlcpy(3) requires that the input string is really a string;
   otherwise it crashes (SIGSEGV).  Let's check if the input strings are
   really strings:

   -  lib/fields.c:
      -  'cp' was assigned from 'newft', and 'newft' comes from fgets(3).

   -  lib/gshadow.c:
      -  strlen(string) is calculated a few lines above.

   -  libmisc/console.c:
      -  'cons' comes from getdef_str, which is a bit cryptic, but seems
         to generate strings, I guess.1

   -  libmisc/date_to_str.c:
      -  It receives a string literal.  :)

   -  libmisc/utmp.c:
      -  'tname' comes from ttyname(3), which returns a string.

   -  src/su.c:
      -  'tmp_name' has been passed to strcmp(3) a few lines above.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
2022-12-22 18:03:39 -06:00
4c641c1f2a Drop unnecessary prototype
The function is defined directly after.
2022-08-06 11:27:56 -05:00
f93cf255d4 Update licensing info
Closes #238

Update all files to list SPDX license shortname.  Most files are
BSD 3 clause license.

The exceptions are:

serge@sl ~/src/shadow$ git grep SPDX-License | grep -v BSD-3-Clause
contrib/atudel:# SPDX-License-Identifier: BSD-4-Clause
lib/tcbfuncs.c: * SPDX-License-Identifier: 0BSD
libmisc/salt.c: * SPDX-License-Identifier: Unlicense
src/login_nopam.c: * SPDX-License-Identifier: Unlicense
src/nologin.c: * SPDX-License-Identifier: BSD-2-Clause
src/vipw.c: * SPDX-License-Identifier: GPL-2.0-or-later

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2021-12-23 19:36:50 -06:00
fb97da1ce1 Fix some issues found in Coverity scan. 2018-10-10 12:22:04 +02:00
8b4f07692e * NEWS, libmisc/console.c: Fix CONSOLE parser. This caused login
to hang when CONSOLE was configured with a colon separated list of
	TTYs.  See http://bugs.gentoo.org/show_bug.cgi?id=324419
2010-11-19 21:54:41 +00:00
7eb6a4b3a4 Updated copyrights. 2010-08-22 13:04:54 +00:00
f7a00a2334 * libmisc/console.c, libmisc/motd.c, libmisc/setupenv.c,
libmisc/sulog.c, libmisc/hushed.c, libmisc/failure.c,
	libmisc/loginprompt.c, libmisc/ttytype.c,
	libmisc/pam_pass_non_interractive.c, src/userdel.c, src/login.c,
	lib/commonio.c, lib/commonio.h: Fix some const issues.
	* libmisc/motd.c: Avoid multi-statements lines.
	* libmisc/motd.c: Support long MOTD_FILE.
	* libmisc/list.c, lib/prototypes.h: Revert previous change.
	dup_list and is_on_list are used with members as defined for the
	group structure, and thus even if the list is not modified, the
	list elements cannot be constant strings.
	* libmisc/system.c: Avoid C++ comments.
	* src/vipw.c: WITH_TCB cannot be tested inside a gettextized
	string. Split the Usage string.
	* lib/commonio.h: Re-indent.
2010-08-21 15:32:53 +00:00
f634cd3e2c * libmisc/console.c (console): Remove the leading /dev/ from the
tty before comparing with the lines specified by CONSOLE.
	* src/su.c: Do not remove the /dev/ prefix since it is done by
	console().
2009-05-16 18:19:24 +00:00
5e45ac1688 * libmisc/console.c: Use a less disturbing construct for splint. 2009-04-24 23:03:14 +00:00
ef32209fd7 * libmisc/console.c, libmisc/hushed.c, libmisc/yesno.c,
libmisc/loginprompt.c, libmisc/ttytype.c, libmisc/tz.c,
	src/login_nopam.c, src/chpasswd.c, src/chgpasswd.c, lib/port.c:
	The size argument of fgets is an int, not a size_t.
	* libmisc/loginprompt.c: Ignore the return value from signal()
	when the signal handlers are restored.
	* src/chpasswd.c: Cast the return value of time() to a long
	integer.
	* src/chpasswd.c: Use the SCALE macro instead of (24L * 3600L)
	for the values to be set in /etc/shadow.
2008-06-13 18:11:09 +00:00
747664ad4f * libmisc/console.c: Change is_listed() prototype to return a bool.
The default parameter should also be a bool.
	* libmisc/console.c: Add brackets and parenthesis.
	* libmisc/console.c: Avoid assignments in comparisons.
	* libmisc/console.c: Change console() prototype to return a bool.
2008-06-09 18:11:20 +00:00
c7302b61ef Make sure every source files are distributed with a copyright and license.
Files with no license use the default 3-clauses BSD license. The copyright
were mostly not recorded; they were updated according to the Changelog.
"Julianne Frances Haugh and contributors" changed to "copyright holders
and contributors".
2008-04-27 00:40:09 +00:00
569a3b8e59 * libmisc/console.c, libmisc/ulimit.c, lib/sgetgrent.c,
lib/sgetpwent.c: Include "prototypes.h" to make
  sure the exported prototypes are the ones used for the definition
  of functions.
* lib/prototypes.h: Added prototypes for __gr_del_entry(),
  __gr_get_db(), __gr_get_head(), __gr_set_changed(), __gr_dup(),
  __pw_del_entry(), __pw_get_db(), __pw_get_head(), __pw_dup(),
  sgetgrent(), sgetpwent(), __sgr_del_entry(), __sgr_dup(),
  __sgr_get_head(), __sgr_set_changed(), __spw_get_head(),
  __spw_del_entry(), __spw_dup().
* lib/prototypes.h: Removed prototype for is_listed().
* lib/prototypes.h: Added name of the check_su_auth()'s parameters.
* lib/groupio.h: Removed prototypes for __gr_dup() and
  __gr_set_changed().
* lib/sgroupio.c: Removed prototypes for putsgent(), sgetsgent(),
  and __gr_get_db().
* lib/sgroupio.h: Removed prototypes for __sgr_dup() and
  __sgr_set_changed().
* lib/shadowio.c: Removed prototype for __pw_get_db().
* lib/pwio.c: Removed prototype for sgetpwent() and putpwent().
* lib/shadowio.h: Removed prototypes for __spw_dup() and
  __spw_set_changed().
* lib/pwio.h: Removed prototypes for __pw_dup() and
  __pw_set_changed().
* lib/commonio.h: Add protection against multiple inclusions.
* lib/prototypes.h: Include commonio.h (needed for the
  __xx_del_entry() functions).
2008-01-06 11:59:01 +00:00
99dc2b1abf Define is_listed() as static and add its prototype. 2008-01-05 13:29:24 +00:00
b2120265fd Added the subversion svn:keywords property (Id) for proper identification. 2007-11-10 23:46:11 +00:00
8451bed8b0 [svn-upgrade] Integrating new upstream version, shadow (4.0.13) 2007-10-07 11:47:01 +00:00
effd479bff [svn-upgrade] Integrating new upstream version, shadow (4.0.4) 2007-10-07 11:45:23 +00:00
45c6603cc8 [svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 11:44:02 +00:00