[2725] | 1 | /* vi: set sw=4 ts=4: */
|
---|
| 2 | /*
|
---|
| 3 | * Check user and group names for illegal characters
|
---|
| 4 | *
|
---|
| 5 | * Copyright (C) 2008 Tito Ragusa <farmatito@tiscali.it>
|
---|
| 6 | *
|
---|
| 7 | * Licensed under GPLv2 or later, see file LICENSE in this source tree.
|
---|
| 8 | */
|
---|
| 9 |
|
---|
| 10 | #include "libbb.h"
|
---|
| 11 |
|
---|
| 12 | /* To avoid problems, the username should consist only of
|
---|
| 13 | * letters, digits, underscores, periods, at signs and dashes,
|
---|
| 14 | * and not start with a dash (as defined by IEEE Std 1003.1-2001).
|
---|
| 15 | * For compatibility with Samba machine accounts $ is also supported
|
---|
| 16 | * at the end of the username.
|
---|
| 17 | */
|
---|
| 18 |
|
---|
| 19 | void FAST_FUNC die_if_bad_username(const char *name)
|
---|
| 20 | {
|
---|
[3232] | 21 | const char *start = name;
|
---|
| 22 |
|
---|
| 23 | /* 1st char being dash or dot isn't valid:
|
---|
| 24 | * for example, name like ".." can make adduser
|
---|
| 25 | * chown "/home/.." recursively - NOT GOOD.
|
---|
| 26 | * Name of just a single "$" is also rejected.
|
---|
| 27 | */
|
---|
[2725] | 28 | goto skip;
|
---|
| 29 |
|
---|
| 30 | do {
|
---|
[3232] | 31 | unsigned char ch;
|
---|
| 32 |
|
---|
| 33 | /* These chars are valid unless they are at the 1st pos: */
|
---|
| 34 | if (*name == '-'
|
---|
| 35 | || *name == '.'
|
---|
| 36 | /* $ is allowed if it's the last char: */
|
---|
| 37 | || (*name == '$' && !name[1])
|
---|
| 38 | ) {
|
---|
[2725] | 39 | continue;
|
---|
[3232] | 40 | }
|
---|
[2725] | 41 | skip:
|
---|
[3232] | 42 | ch = *name;
|
---|
| 43 | if (ch == '_'
|
---|
| 44 | /* || ch == '@' -- we disallow this too. Think about "user@host" */
|
---|
| 45 | /* open-coded isalnum: */
|
---|
| 46 | || (ch >= '0' && ch <= '9')
|
---|
| 47 | || ((ch|0x20) >= 'a' && (ch|0x20) <= 'z')
|
---|
[2725] | 48 | ) {
|
---|
| 49 | continue;
|
---|
| 50 | }
|
---|
[3232] | 51 | bb_error_msg_and_die("illegal character with code %u at position %u",
|
---|
| 52 | (unsigned)ch, (unsigned)(name - start));
|
---|
[2725] | 53 | } while (*++name);
|
---|
[3232] | 54 |
|
---|
| 55 | /* The minimum size of the login name is one char or two if
|
---|
| 56 | * last char is the '$'. Violations of this are caught above.
|
---|
| 57 | * The maximum size of the login name is LOGIN_NAME_MAX
|
---|
| 58 | * including the terminating null byte.
|
---|
| 59 | */
|
---|
| 60 | if (name - start >= LOGIN_NAME_MAX)
|
---|
| 61 | bb_error_msg_and_die("name is too long");
|
---|
[2725] | 62 | }
|
---|