From b3646b30d670ac5a38674ecc492c38f7d4e92682 Mon Sep 17 00:00:00 2001 From: Michael Forney Date: Sat, 23 Nov 2013 22:17:42 -0800 Subject: shadow: Move spent parsing to internal function --- src/passwd/getspnam_r.c | 69 ++++++++++++++++++++++++++++--------------------- src/passwd/pwf.h | 2 +- 2 files changed, 40 insertions(+), 31 deletions(-) (limited to 'src') diff --git a/src/passwd/getspnam_r.c b/src/passwd/getspnam_r.c index f4d7b35e..15f8c87b 100644 --- a/src/passwd/getspnam_r.c +++ b/src/passwd/getspnam_r.c @@ -12,9 +12,45 @@ * file. It also avoids any allocation to prevent memory-exhaustion * attacks via huge TCB shadow files. */ -static long xatol(const char *s) +static long xatol(char **s) { - return isdigit(*s) ? atol(s) : -1; + long x; + if (**s == ':' || **s == '\n') return -1; + for (x=0; **s-'0'<10U; ++*s) x=10*x+(**s-'0'); + return x; +} + +int __parsespent(char *s, struct spwd *sp) +{ + sp->sp_namp = s; + if (!(s = strchr(s, ':'))) return -1; + *s = 0; + + sp->sp_pwdp = ++s; + if (!(s = strchr(s, ':'))) return -1; + *s = 0; + + s++; sp->sp_lstchg = xatol(&s); + if (*s != ':') return -1; + + s++; sp->sp_min = xatol(&s); + if (*s != ':') return -1; + + s++; sp->sp_max = xatol(&s); + if (*s != ':') return -1; + + s++; sp->sp_warn = xatol(&s); + if (*s != ':') return -1; + + s++; sp->sp_inact = xatol(&s); + if (*s != ':') return -1; + + s++; sp->sp_expire = xatol(&s); + if (*s != ':') return -1; + + s++; sp->sp_flag = xatol(&s); + if (*s != '\n') return -1; + return 0; } static void cleanup(void *p) @@ -29,7 +65,6 @@ int getspnam_r(const char *name, struct spwd *sp, char *buf, size_t size, struct int rv = 0; int fd; size_t k, l = strlen(name); - char *s; int skip = 0; int cs; @@ -71,34 +106,8 @@ int getspnam_r(const char *name, struct spwd *sp, char *buf, size_t size, struct rv = ERANGE; break; } - buf[k-1] = 0; - - s = buf; - sp->sp_namp = s; - if (!(s = strchr(s, ':'))) continue; - - *s++ = 0; sp->sp_pwdp = s; - if (!(s = strchr(s, ':'))) continue; - - *s++ = 0; sp->sp_lstchg = xatol(s); - if (!(s = strchr(s, ':'))) continue; - - *s++ = 0; sp->sp_min = xatol(s); - if (!(s = strchr(s, ':'))) continue; - - *s++ = 0; sp->sp_max = xatol(s); - if (!(s = strchr(s, ':'))) continue; - - *s++ = 0; sp->sp_warn = xatol(s); - if (!(s = strchr(s, ':'))) continue; - - *s++ = 0; sp->sp_inact = xatol(s); - if (!(s = strchr(s, ':'))) continue; - - *s++ = 0; sp->sp_expire = xatol(s); - if (!(s = strchr(s, ':'))) continue; - *s++ = 0; sp->sp_flag = xatol(s); + if (__parsespent(buf, sp) < 0) continue; *res = sp; break; } diff --git a/src/passwd/pwf.h b/src/passwd/pwf.h index 0a76ef80..2d813ada 100644 --- a/src/passwd/pwf.h +++ b/src/passwd/pwf.h @@ -9,5 +9,5 @@ #include "libc.h" struct passwd *__getpwent_a(FILE *f, struct passwd *pw, char **line, size_t *size); -struct spwd *__getspent_a(FILE *f, struct spwd *sp, char **line, size_t *size); struct group *__getgrent_a(FILE *f, struct group *gr, char **line, size_t *size, char ***mem, size_t *nmem); +int __parsespent(char *s, struct spwd *sp); -- cgit v1.2.1