From 758c4f17afd4a148f62b0b87647f242acf074aa9 Mon Sep 17 00:00:00 2001 From: Baptiste Daroussin Date: Thu, 27 Dec 2012 14:09:50 +0000 Subject: Use flopen(3) instead of open(2) + flock(2) --- libutil/gr_util.c | 6 ++---- libutil/pw_util.c | 7 ++----- 2 files changed, 4 insertions(+), 9 deletions(-) (limited to 'libutil') diff --git a/libutil/gr_util.c b/libutil/gr_util.c index be34395..6bf102f 100644 --- a/libutil/gr_util.c +++ b/libutil/gr_util.c @@ -106,10 +106,8 @@ gr_lock(void) for (;;) { struct stat st; - lockfd = open(group_file, O_RDONLY, 0); - if (lockfd < 0 || fcntl(lockfd, F_SETFD, 1) == -1) - err(1, "%s", group_file); - if (flock(lockfd, LOCK_EX|LOCK_NB) == -1) { + lockfd = flopen(group_file, O_RDONLY|O_NONBLOCK, 0); + if (lockfd == -1) { if (errno == EWOULDBLOCK) { errx(1, "the group file is busy"); } else { diff --git a/libutil/pw_util.c b/libutil/pw_util.c index 4bf3001..24c0263 100644 --- a/libutil/pw_util.c +++ b/libutil/pw_util.c @@ -179,11 +179,8 @@ pw_lock(void) for (;;) { struct stat st; - lockfd = open(masterpasswd, O_RDONLY, 0); - if (lockfd < 0 || fcntl(lockfd, F_SETFD, 1) == -1) - err(1, "%s", masterpasswd); - /* XXX vulnerable to race conditions */ - if (flock(lockfd, LOCK_EX|LOCK_NB) == -1) { + lockfd = flopen(masterpasswd, O_RDONLY|O_NONBLOCK, 0); + if (lockfd == -1) { if (errno == EWOULDBLOCK) { errx(1, "the password db file is busy"); } else { -- cgit v1.2.3 From ac1681ea5c7980246ca789137e852441e10207d5 Mon Sep 17 00:00:00 2001 From: Baptiste Daroussin Date: Thu, 27 Dec 2012 14:30:19 +0000 Subject: New gr_add function to provide a clean and safe method to append a new member into an existing group. Submitted by: db --- libutil/gr_util.c | 40 ++++++++++++++++++++++++++++++++++++++++ libutil/libutil.h | 2 ++ 2 files changed, 42 insertions(+) (limited to 'libutil') diff --git a/libutil/gr_util.c b/libutil/gr_util.c index 6bf102f..90062eb 100644 --- a/libutil/gr_util.c +++ b/libutil/gr_util.c @@ -478,6 +478,46 @@ gr_dup(const struct group *gr) return (&gs->gr); } +/* + * Add a new member name to a struct group. + */ +struct group * +gr_add(struct group *gr, const char *newmember) +{ + size_t mlen; + int num_mem=0; + char **members; + struct group *newgr; + + if (newmember == NULL) + return(gr_dup(gr)); + + if (gr->gr_mem != NULL) { + for (num_mem = 0; gr->gr_mem[num_mem] != NULL; num_mem++) { + if (strcmp(gr->gr_mem[num_mem], newmember) == 0) { + errno = EEXIST; + return (NULL); + } + } + } + /* Allocate enough for current pointers + 1 more and NULL marker */ + mlen = (num_mem + 2) * sizeof(*gr->gr_mem); + if ((members = calloc(1, mlen )) == NULL) { + errno = ENOMEM; + return (NULL); + } + memcpy(members, gr->gr_mem, num_mem * sizeof(*gr->gr_mem)); + members[num_mem++] = (char *)newmember; + members[num_mem] = NULL; + gr->gr_mem = members; + newgr = gr_dup(gr); + if (newgr == NULL) + errno = ENOMEM; + + free(members); + return (newgr); +} + /* * Scan a line and place it into a group structure. */ diff --git a/libutil/libutil.h b/libutil/libutil.h index bf42766..fcd74e1 100644 --- a/libutil/libutil.h +++ b/libutil/libutil.h @@ -166,6 +166,8 @@ int gr_copy(int __ffd, int _tfd, const struct group *_gr, struct group *_old_gr); struct group * gr_dup(const struct group *_gr); +struct group * + gr_add(struct group *_gr, const char *_newmember); int gr_equal(const struct group *_gr1, const struct group *_gr2); void gr_fini(void); int gr_init(const char *_dir, const char *_master); -- cgit v1.2.3 From dca2732b7d9f3eb818b44fe0038b3d3cf3c07fc2 Mon Sep 17 00:00:00 2001 From: Baptiste Daroussin Date: Thu, 27 Dec 2012 16:51:29 +0000 Subject: - Clean up previous gr_add use malloc instead of calloc - Fix tinderbox error Submitted by: db --- libutil/gr_util.c | 7 +++---- libutil/libutil.h | 2 +- 2 files changed, 4 insertions(+), 5 deletions(-) (limited to 'libutil') diff --git a/libutil/gr_util.c b/libutil/gr_util.c index 90062eb..0cd8055 100644 --- a/libutil/gr_util.c +++ b/libutil/gr_util.c @@ -482,7 +482,7 @@ gr_dup(const struct group *gr) * Add a new member name to a struct group. */ struct group * -gr_add(struct group *gr, const char *newmember) +gr_add(struct group *gr, char *newmember) { size_t mlen; int num_mem=0; @@ -502,18 +502,17 @@ gr_add(struct group *gr, const char *newmember) } /* Allocate enough for current pointers + 1 more and NULL marker */ mlen = (num_mem + 2) * sizeof(*gr->gr_mem); - if ((members = calloc(1, mlen )) == NULL) { + if ((members = malloc(mlen)) == NULL) { errno = ENOMEM; return (NULL); } memcpy(members, gr->gr_mem, num_mem * sizeof(*gr->gr_mem)); - members[num_mem++] = (char *)newmember; + members[num_mem++] = newmember; members[num_mem] = NULL; gr->gr_mem = members; newgr = gr_dup(gr); if (newgr == NULL) errno = ENOMEM; - free(members); return (newgr); } diff --git a/libutil/libutil.h b/libutil/libutil.h index fcd74e1..b1b2405 100644 --- a/libutil/libutil.h +++ b/libutil/libutil.h @@ -167,7 +167,7 @@ int gr_copy(int __ffd, int _tfd, const struct group *_gr, struct group * gr_dup(const struct group *_gr); struct group * - gr_add(struct group *_gr, const char *_newmember); + gr_add(struct group *_gr, char *_newmember); int gr_equal(const struct group *_gr1, const struct group *_gr2); void gr_fini(void); int gr_init(const char *_dir, const char *_master); -- cgit v1.2.3 From b8861f725f2d4f68c95cf844d66b85651935951b Mon Sep 17 00:00:00 2001 From: Baptiste Daroussin Date: Thu, 27 Dec 2012 19:33:43 +0000 Subject: gr_dup: simplify duplication of group Submitted by: db --- libutil/gr_util.c | 41 ++++++++++++++++++++--------------------- 1 file changed, 20 insertions(+), 21 deletions(-) (limited to 'libutil') diff --git a/libutil/gr_util.c b/libutil/gr_util.c index 0cd8055..2f87bd1 100644 --- a/libutil/gr_util.c +++ b/libutil/gr_util.c @@ -44,11 +44,6 @@ __FBSDID("$FreeBSD$"); #include #include -struct group_storage { - struct group gr; - char *members[]; -}; - static int lockfd = -1; static char group_dir[PATH_MAX]; static char group_file[PATH_MAX]; @@ -434,14 +429,14 @@ gr_make(const struct group *gr) struct group * gr_dup(const struct group *gr) { + struct group *newgr; char *dst; size_t len; - struct group_storage *gs; int ndx; int num_mem; /* Calculate size of the group. */ - len = sizeof(*gs); + len = sizeof(*newgr); if (gr->gr_name != NULL) len += strlen(gr->gr_name) + 1; if (gr->gr_passwd != NULL) @@ -452,30 +447,34 @@ gr_dup(const struct group *gr) len += (num_mem + 1) * sizeof(*gr->gr_mem); } else num_mem = -1; - /* Create new group and copy old group into it. */ - if ((gs = calloc(1, len)) == NULL) + if ((newgr = malloc(len)) == NULL) return (NULL); - dst = (char *)&gs->members[num_mem + 1]; + /* point new gr_mem to end of struct + 1 */ + if (gr->gr_mem != NULL) + newgr->gr_mem = (char **)newgr + sizeof(struct group); + else + newgr->gr_mem = NULL; + /* point dst after the end of all the gr_mem pointers in newgr */ + dst = (char *)newgr + sizeof(struct group) + + (num_mem + 1) * sizeof(*gr->gr_mem); if (gr->gr_name != NULL) { - gs->gr.gr_name = dst; - dst = stpcpy(gs->gr.gr_name, gr->gr_name) + 1; + newgr->gr_name = dst; + dst = stpcpy(dst, gr->gr_name) + 1; } if (gr->gr_passwd != NULL) { - gs->gr.gr_passwd = dst; - dst = stpcpy(gs->gr.gr_passwd, gr->gr_passwd) + 1; + newgr->gr_passwd = dst; + dst = stpcpy(dst, gr->gr_passwd) + 1; } - gs->gr.gr_gid = gr->gr_gid; + newgr->gr_gid = gr->gr_gid; if (gr->gr_mem != NULL) { - gs->gr.gr_mem = gs->members; for (ndx = 0; ndx < num_mem; ndx++) { - gs->gr.gr_mem[ndx] = dst; - dst = stpcpy(gs->gr.gr_mem[ndx], gr->gr_mem[ndx]) + 1; + newgr->gr_mem[ndx] = dst; + dst = stpcpy(dst, gr->gr_mem[ndx]) + 1; } - gs->gr.gr_mem[ndx] = NULL; + newgr->gr_mem[ndx] = NULL; } - - return (&gs->gr); + return (newgr); } /* -- cgit v1.2.3 From ac2faf4bbf898c2f46cb06a82893638622806ac7 Mon Sep 17 00:00:00 2001 From: Baptiste Daroussin Date: Thu, 27 Dec 2012 20:24:44 +0000 Subject: Add O_CLOEXEC to flopen Requested by: jilles --- libutil/gr_util.c | 2 +- libutil/pw_util.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'libutil') diff --git a/libutil/gr_util.c b/libutil/gr_util.c index 2f87bd1..4583257 100644 --- a/libutil/gr_util.c +++ b/libutil/gr_util.c @@ -101,7 +101,7 @@ gr_lock(void) for (;;) { struct stat st; - lockfd = flopen(group_file, O_RDONLY|O_NONBLOCK, 0); + lockfd = flopen(group_file, O_RDONLY|O_NONBLOCK|O_CLOEXEC, 0); if (lockfd == -1) { if (errno == EWOULDBLOCK) { errx(1, "the group file is busy"); diff --git a/libutil/pw_util.c b/libutil/pw_util.c index 24c0263..befd1fb 100644 --- a/libutil/pw_util.c +++ b/libutil/pw_util.c @@ -179,7 +179,7 @@ pw_lock(void) for (;;) { struct stat st; - lockfd = flopen(masterpasswd, O_RDONLY|O_NONBLOCK, 0); + lockfd = flopen(masterpasswd, O_RDONLY|O_NONBLOCK|O_CLOEXEC, 0); if (lockfd == -1) { if (errno == EWOULDBLOCK) { errx(1, "the password db file is busy"); -- cgit v1.2.3 From 51b9aa2af727f3e728cf8676626c60a2b08747b5 Mon Sep 17 00:00:00 2001 From: Baptiste Daroussin Date: Thu, 27 Dec 2012 20:31:12 +0000 Subject: cast to uintptr_t to properly calculate offset Reported by: mdf Submitted by: db --- libutil/gr_util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'libutil') diff --git a/libutil/gr_util.c b/libutil/gr_util.c index 4583257..f4a08c4 100644 --- a/libutil/gr_util.c +++ b/libutil/gr_util.c @@ -452,7 +452,7 @@ gr_dup(const struct group *gr) return (NULL); /* point new gr_mem to end of struct + 1 */ if (gr->gr_mem != NULL) - newgr->gr_mem = (char **)newgr + sizeof(struct group); + newgr->gr_mem = (char **)((uintptr_t)newgr + sizeof(struct group)); else newgr->gr_mem = NULL; /* point dst after the end of all the gr_mem pointers in newgr */ -- cgit v1.2.3 From aa220b5f62d62ea62dc8ac4e3a26696ee05faba7 Mon Sep 17 00:00:00 2001 From: Baptiste Daroussin Date: Thu, 27 Dec 2012 20:47:34 +0000 Subject: avoid arithmetic on uintptr_t Submitted by: pjd Reviewed by: jilles --- libutil/gr_util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'libutil') diff --git a/libutil/gr_util.c b/libutil/gr_util.c index f4a08c4..437fd78 100644 --- a/libutil/gr_util.c +++ b/libutil/gr_util.c @@ -452,7 +452,7 @@ gr_dup(const struct group *gr) return (NULL); /* point new gr_mem to end of struct + 1 */ if (gr->gr_mem != NULL) - newgr->gr_mem = (char **)((uintptr_t)newgr + sizeof(struct group)); + newgr->gr_mem = (char **)(newgr + 1); else newgr->gr_mem = NULL; /* point dst after the end of all the gr_mem pointers in newgr */ -- cgit v1.2.3 From 3a3bcd13e99f20e0db107edca2d675ffb65cadc4 Mon Sep 17 00:00:00 2001 From: Baptiste Daroussin Date: Fri, 28 Dec 2012 20:19:54 +0000 Subject: Do not leave parts of the new group uninitialized in gr_dup(). Submitted by: Christoph Mallon Reported by: pjd --- libutil/gr_util.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'libutil') diff --git a/libutil/gr_util.c b/libutil/gr_util.c index 437fd78..759e6e8 100644 --- a/libutil/gr_util.c +++ b/libutil/gr_util.c @@ -461,10 +461,14 @@ gr_dup(const struct group *gr) if (gr->gr_name != NULL) { newgr->gr_name = dst; dst = stpcpy(dst, gr->gr_name) + 1; + } else { + newgr->gr_name = NULL; } if (gr->gr_passwd != NULL) { newgr->gr_passwd = dst; dst = stpcpy(dst, gr->gr_passwd) + 1; + } else { + newgr->gr_passwd = NULL; } newgr->gr_gid = gr->gr_gid; if (gr->gr_mem != NULL) { -- cgit v1.2.3 From a4ba8cb5d1a040d3dea01a404d49e2bee012a6b5 Mon Sep 17 00:00:00 2001 From: Baptiste Daroussin Date: Fri, 28 Dec 2012 20:21:14 +0000 Subject: malloc() sets errno to ENOMEM already. Submitted by: Christoph Mallon --- libutil/gr_util.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'libutil') diff --git a/libutil/gr_util.c b/libutil/gr_util.c index 759e6e8..6676720 100644 --- a/libutil/gr_util.c +++ b/libutil/gr_util.c @@ -505,17 +505,13 @@ gr_add(struct group *gr, char *newmember) } /* Allocate enough for current pointers + 1 more and NULL marker */ mlen = (num_mem + 2) * sizeof(*gr->gr_mem); - if ((members = malloc(mlen)) == NULL) { + if ((members = malloc(mlen)) == NULL) errno = ENOMEM; - return (NULL); - } memcpy(members, gr->gr_mem, num_mem * sizeof(*gr->gr_mem)); members[num_mem++] = newmember; members[num_mem] = NULL; gr->gr_mem = members; newgr = gr_dup(gr); - if (newgr == NULL) - errno = ENOMEM; free(members); return (newgr); } -- cgit v1.2.3 From e7ae79563ae6e4b961c2343f08df0900b302c822 Mon Sep 17 00:00:00 2001 From: Baptiste Daroussin Date: Fri, 28 Dec 2012 20:30:04 +0000 Subject: errno = ENOMEM was supposed to be removed not return (NULL); Submitted by: gcooper --- libutil/gr_util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'libutil') diff --git a/libutil/gr_util.c b/libutil/gr_util.c index 6676720..5f803af 100644 --- a/libutil/gr_util.c +++ b/libutil/gr_util.c @@ -506,7 +506,7 @@ gr_add(struct group *gr, char *newmember) /* Allocate enough for current pointers + 1 more and NULL marker */ mlen = (num_mem + 2) * sizeof(*gr->gr_mem); if ((members = malloc(mlen)) == NULL) - errno = ENOMEM; + return (NULL); memcpy(members, gr->gr_mem, num_mem * sizeof(*gr->gr_mem)); members[num_mem++] = newmember; members[num_mem] = NULL; -- cgit v1.2.3 From 8f1370df706a16668cc3a3f9be05d8af396c365c Mon Sep 17 00:00:00 2001 From: Baptiste Daroussin Date: Fri, 28 Dec 2012 20:44:10 +0000 Subject: Simplify pointing dst after the end of all the gr_mem pointers in newgr Submitted by: pjd Reviewed by: db --- libutil/gr_util.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'libutil') diff --git a/libutil/gr_util.c b/libutil/gr_util.c index 5f803af..acb9767 100644 --- a/libutil/gr_util.c +++ b/libutil/gr_util.c @@ -456,8 +456,7 @@ gr_dup(const struct group *gr) else newgr->gr_mem = NULL; /* point dst after the end of all the gr_mem pointers in newgr */ - dst = (char *)newgr + sizeof(struct group) + - (num_mem + 1) * sizeof(*gr->gr_mem); + dst = (char *)&newgr->gr_mem[num_mem + 1]; if (gr->gr_name != NULL) { newgr->gr_name = dst; dst = stpcpy(dst, gr->gr_name) + 1; -- cgit v1.2.3