From: Zbigniew Jędrzejewski-Szmek Date: Thu, 1 Aug 2019 07:58:27 +0000 (+0200) Subject: shared/user-util: add compat forms of user name checking functions X-Git-Tag: v243~23^2~2 X-Git-Url: http://git.ipfire.org/?p=thirdparty%2Fsystemd.git;a=commitdiff_plain;h=1a29610f5fa1bcb2eeb37d2c6b79d8d1a6dbb865 shared/user-util: add compat forms of user name checking functions New functions are called valid_user_group_name_compat() and valid_user_group_name_or_id_compat() and accept dots in the user or group name. No functional change except the tests. --- diff --git a/src/basic/user-util.c b/src/basic/user-util.c index d127b0c1072..b1ab84c5f05 100644 --- a/src/basic/user-util.c +++ b/src/basic/user-util.c @@ -620,16 +620,19 @@ int take_etc_passwd_lock(const char *root) { return fd; } -bool valid_user_group_name(const char *u) { +bool valid_user_group_name_full(const char *u, bool strict) { const char *i; long sz; /* Checks if the specified name is a valid user/group name. Also see POSIX IEEE Std 1003.1-2008, 2016 Edition, * 3.437. We are a bit stricter here however. Specifically we deviate from POSIX rules: * - * - We don't allow any dots (this would break chown syntax which permits dots as user/group name separator) * - We require that names fit into the appropriate utmp field * - We don't allow empty user names + * - No dots or digits in the first character + * + * If strict==true, additionally: + * - We don't allow any dots (this conflicts with chown syntax which permits dots as user/group name separator) * * Note that other systems are even more restrictive, and don't permit underscores or uppercase characters. */ @@ -642,13 +645,13 @@ bool valid_user_group_name(const char *u) { u[0] != '_') return false; - for (i = u+1; *i; i++) { - if (!(*i >= 'a' && *i <= 'z') && - !(*i >= 'A' && *i <= 'Z') && - !(*i >= '0' && *i <= '9') && - !IN_SET(*i, '_', '-')) + for (i = u+1; *i; i++) + if (!((*i >= 'a' && *i <= 'z') || + (*i >= 'A' && *i <= 'Z') || + (*i >= '0' && *i <= '9') || + IN_SET(*i, '_', '-') || + (!strict && *i == '.'))) return false; - } sz = sysconf(_SC_LOGIN_NAME_MAX); assert_se(sz > 0); @@ -662,15 +665,15 @@ bool valid_user_group_name(const char *u) { return true; } -bool valid_user_group_name_or_id(const char *u) { +bool valid_user_group_name_or_id_full(const char *u, bool strict) { - /* Similar as above, but is also fine with numeric UID/GID specifications, as long as they are in the right - * range, and not the invalid user ids. */ + /* Similar as above, but is also fine with numeric UID/GID specifications, as long as they are in the + * right range, and not the invalid user ids. */ if (isempty(u)) return false; - if (valid_user_group_name(u)) + if (valid_user_group_name_full(u, strict)) return true; return parse_uid(u, NULL) >= 0; diff --git a/src/basic/user-util.h b/src/basic/user-util.h index 52f3df792d7..cfa515f5e8a 100644 --- a/src/basic/user-util.h +++ b/src/basic/user-util.h @@ -85,8 +85,20 @@ static inline bool userns_supported(void) { return access("/proc/self/uid_map", F_OK) >= 0; } -bool valid_user_group_name(const char *u); -bool valid_user_group_name_or_id(const char *u); +bool valid_user_group_name_full(const char *u, bool strict); +bool valid_user_group_name_or_id_full(const char *u, bool strict); +static inline bool valid_user_group_name(const char *u) { + return valid_user_group_name_full(u, true); +} +static inline bool valid_user_group_name_or_id(const char *u) { + return valid_user_group_name_or_id_full(u, true); +} +static inline bool valid_user_group_name_compat(const char *u) { + return valid_user_group_name_full(u, false); +} +static inline bool valid_user_group_name_or_id_compat(const char *u) { + return valid_user_group_name_or_id_full(u, false); +} bool valid_gecos(const char *d); bool valid_home(const char *p); diff --git a/src/test/test-user-util.c b/src/test/test-user-util.c index e6d7262e789..9475b99c280 100644 --- a/src/test/test-user-util.c +++ b/src/test/test-user-util.c @@ -61,6 +61,43 @@ static void test_uid_ptr(void) { assert_se(PTR_TO_UID(UID_TO_PTR(1000)) == 1000); } +static void test_valid_user_group_name_compat(void) { + log_info("/* %s */", __func__); + + assert_se(!valid_user_group_name_compat(NULL)); + assert_se(!valid_user_group_name_compat("")); + assert_se(!valid_user_group_name_compat("1")); + assert_se(!valid_user_group_name_compat("65535")); + assert_se(!valid_user_group_name_compat("-1")); + assert_se(!valid_user_group_name_compat("-kkk")); + assert_se(!valid_user_group_name_compat("rööt")); + assert_se(!valid_user_group_name_compat(".")); + assert_se(!valid_user_group_name_compat(".eff")); + assert_se(!valid_user_group_name_compat("foo\nbar")); + assert_se(!valid_user_group_name_compat("0123456789012345678901234567890123456789")); + assert_se(!valid_user_group_name_or_id_compat("aaa:bbb")); + assert_se(!valid_user_group_name_compat(".")); + assert_se(!valid_user_group_name_compat(".1")); + assert_se(!valid_user_group_name_compat(".65535")); + assert_se(!valid_user_group_name_compat(".-1")); + assert_se(!valid_user_group_name_compat(".-kkk")); + assert_se(!valid_user_group_name_compat(".rööt")); + assert_se(!valid_user_group_name_or_id_compat(".aaa:bbb")); + + assert_se(valid_user_group_name_compat("root")); + assert_se(valid_user_group_name_compat("lennart")); + assert_se(valid_user_group_name_compat("LENNART")); + assert_se(valid_user_group_name_compat("_kkk")); + assert_se(valid_user_group_name_compat("kkk-")); + assert_se(valid_user_group_name_compat("kk-k")); + assert_se(valid_user_group_name_compat("eff.eff")); + assert_se(valid_user_group_name_compat("eff.")); + + assert_se(valid_user_group_name_compat("some5")); + assert_se(!valid_user_group_name_compat("5some")); + assert_se(valid_user_group_name_compat("INNER5NUMBER")); +} + static void test_valid_user_group_name(void) { log_info("/* %s */", __func__); @@ -72,10 +109,17 @@ static void test_valid_user_group_name(void) { assert_se(!valid_user_group_name("-kkk")); assert_se(!valid_user_group_name("rööt")); assert_se(!valid_user_group_name(".")); - assert_se(!valid_user_group_name("eff.eff")); + assert_se(!valid_user_group_name(".eff")); assert_se(!valid_user_group_name("foo\nbar")); assert_se(!valid_user_group_name("0123456789012345678901234567890123456789")); assert_se(!valid_user_group_name_or_id("aaa:bbb")); + assert_se(!valid_user_group_name(".")); + assert_se(!valid_user_group_name(".1")); + assert_se(!valid_user_group_name(".65535")); + assert_se(!valid_user_group_name(".-1")); + assert_se(!valid_user_group_name(".-kkk")); + assert_se(!valid_user_group_name(".rööt")); + assert_se(!valid_user_group_name_or_id(".aaa:bbb")); assert_se(valid_user_group_name("root")); assert_se(valid_user_group_name("lennart")); @@ -83,12 +127,47 @@ static void test_valid_user_group_name(void) { assert_se(valid_user_group_name("_kkk")); assert_se(valid_user_group_name("kkk-")); assert_se(valid_user_group_name("kk-k")); + assert_se(!valid_user_group_name("eff.eff")); + assert_se(!valid_user_group_name("eff.")); assert_se(valid_user_group_name("some5")); assert_se(!valid_user_group_name("5some")); assert_se(valid_user_group_name("INNER5NUMBER")); } +static void test_valid_user_group_name_or_id_compat(void) { + log_info("/* %s */", __func__); + + assert_se(!valid_user_group_name_or_id_compat(NULL)); + assert_se(!valid_user_group_name_or_id_compat("")); + assert_se(valid_user_group_name_or_id_compat("0")); + assert_se(valid_user_group_name_or_id_compat("1")); + assert_se(valid_user_group_name_or_id_compat("65534")); + assert_se(!valid_user_group_name_or_id_compat("65535")); + assert_se(valid_user_group_name_or_id_compat("65536")); + assert_se(!valid_user_group_name_or_id_compat("-1")); + assert_se(!valid_user_group_name_or_id_compat("-kkk")); + assert_se(!valid_user_group_name_or_id_compat("rööt")); + assert_se(!valid_user_group_name_or_id_compat(".")); + assert_se(!valid_user_group_name_or_id_compat(".eff")); + assert_se(valid_user_group_name_or_id_compat("eff.eff")); + assert_se(valid_user_group_name_or_id_compat("eff.")); + assert_se(!valid_user_group_name_or_id_compat("foo\nbar")); + assert_se(!valid_user_group_name_or_id_compat("0123456789012345678901234567890123456789")); + assert_se(!valid_user_group_name_or_id_compat("aaa:bbb")); + + assert_se(valid_user_group_name_or_id_compat("root")); + assert_se(valid_user_group_name_or_id_compat("lennart")); + assert_se(valid_user_group_name_or_id_compat("LENNART")); + assert_se(valid_user_group_name_or_id_compat("_kkk")); + assert_se(valid_user_group_name_or_id_compat("kkk-")); + assert_se(valid_user_group_name_or_id_compat("kk-k")); + + assert_se(valid_user_group_name_or_id_compat("some5")); + assert_se(!valid_user_group_name_or_id_compat("5some")); + assert_se(valid_user_group_name_or_id_compat("INNER5NUMBER")); +} + static void test_valid_user_group_name_or_id(void) { log_info("/* %s */", __func__); @@ -103,7 +182,9 @@ static void test_valid_user_group_name_or_id(void) { assert_se(!valid_user_group_name_or_id("-kkk")); assert_se(!valid_user_group_name_or_id("rööt")); assert_se(!valid_user_group_name_or_id(".")); + assert_se(!valid_user_group_name_or_id(".eff")); assert_se(!valid_user_group_name_or_id("eff.eff")); + assert_se(!valid_user_group_name_or_id("eff.")); assert_se(!valid_user_group_name_or_id("foo\nbar")); assert_se(!valid_user_group_name_or_id("0123456789012345678901234567890123456789")); assert_se(!valid_user_group_name_or_id("aaa:bbb")); @@ -230,7 +311,9 @@ int main(int argc, char *argv[]) { test_parse_uid(); test_uid_ptr(); + test_valid_user_group_name_compat(); test_valid_user_group_name(); + test_valid_user_group_name_or_id_compat(); test_valid_user_group_name_or_id(); test_valid_gecos(); test_valid_home();