| #include "nscd.h" |
| #include "pwf.h" |
| #include <byteswap.h> |
| #include <string.h> |
| #include <unistd.h> |
| |
| static char* itoa(char* p, uint32_t x) { |
| // number of digits in a uint32_t + NUL |
| p += 11; |
| *--p = 0; |
| do { |
| *--p = '0' + x % 10; |
| x /= 10; |
| } while (x); |
| return p; |
| } |
| |
| int __getpw_a(const char* name, uid_t uid, struct passwd* pw, char** buf, size_t* size, |
| struct passwd** res) { |
| FILE* f; |
| int rv = 0; |
| |
| *res = 0; |
| |
| f = fopen("/etc/passwd", "rbe"); |
| if (!f) { |
| rv = errno; |
| goto done; |
| } |
| |
| while (!(rv = __getpwent_a(f, pw, buf, size, res)) && *res) { |
| if ((name && !strcmp(name, (*res)->pw_name)) || (!name && (*res)->pw_uid == uid)) |
| break; |
| } |
| fclose(f); |
| |
| if (!*res && (rv == 0 || rv == ENOENT || rv == ENOTDIR)) { |
| int32_t req = name ? GETPWBYNAME : GETPWBYUID; |
| const char* key; |
| int32_t passwdbuf[PW_LEN] = {}; |
| size_t len = 0; |
| char uidbuf[11] = {}; |
| |
| if (name) { |
| key = name; |
| } else { |
| /* uid outside of this range can't be queried with the |
| * nscd interface, but might happen if uid_t ever |
| * happens to be a larger type (this is not true as of |
| * now) |
| */ |
| if (uid > UINT32_MAX) { |
| rv = 0; |
| goto done; |
| } |
| key = itoa(uidbuf, uid); |
| } |
| |
| f = __nscd_query(req, key, passwdbuf, sizeof passwdbuf, (int[]){}); |
| if (!f) { |
| rv = errno; |
| goto done; |
| } |
| |
| if (!passwdbuf[PWFOUND]) { |
| rv = 0; |
| goto cleanup_f; |
| } |
| |
| /* A zero length response from nscd is invalid. We ignore |
| * invalid responses and just report an error, rather than |
| * trying to do something with them. |
| */ |
| if (!passwdbuf[PWNAMELEN] || !passwdbuf[PWPASSWDLEN] || !passwdbuf[PWGECOSLEN] || |
| !passwdbuf[PWDIRLEN] || !passwdbuf[PWSHELLLEN]) { |
| rv = EIO; |
| goto cleanup_f; |
| } |
| |
| if ((passwdbuf[PWNAMELEN] | passwdbuf[PWPASSWDLEN] | passwdbuf[PWGECOSLEN] | |
| passwdbuf[PWDIRLEN] | passwdbuf[PWSHELLLEN]) >= SIZE_MAX / 8) { |
| rv = ENOMEM; |
| goto cleanup_f; |
| } |
| |
| len = passwdbuf[PWNAMELEN] + passwdbuf[PWPASSWDLEN] + passwdbuf[PWGECOSLEN] + |
| passwdbuf[PWDIRLEN] + passwdbuf[PWSHELLLEN]; |
| |
| if (len > *size || !*buf) { |
| char* tmp = realloc(*buf, len); |
| if (!tmp) { |
| rv = errno; |
| goto cleanup_f; |
| } |
| *buf = tmp; |
| *size = len; |
| } |
| |
| if (!fread(*buf, len, 1, f)) { |
| rv = ferror(f) ? errno : EIO; |
| goto cleanup_f; |
| } |
| |
| pw->pw_name = *buf; |
| pw->pw_passwd = pw->pw_name + passwdbuf[PWNAMELEN]; |
| pw->pw_gecos = pw->pw_passwd + passwdbuf[PWPASSWDLEN]; |
| pw->pw_dir = pw->pw_gecos + passwdbuf[PWGECOSLEN]; |
| pw->pw_shell = pw->pw_dir + passwdbuf[PWDIRLEN]; |
| pw->pw_uid = passwdbuf[PWUID]; |
| pw->pw_gid = passwdbuf[PWGID]; |
| |
| /* Don't assume that nscd made sure to null terminate strings. |
| * It's supposed to, but malicious nscd should be ignored |
| * rather than causing a crash. |
| */ |
| if (pw->pw_passwd[-1] || pw->pw_gecos[-1] || pw->pw_dir[-1] || |
| pw->pw_shell[passwdbuf[PWSHELLLEN] - 1]) { |
| rv = EIO; |
| goto cleanup_f; |
| } |
| |
| if ((name && strcmp(name, pw->pw_name)) || (!name && uid != pw->pw_uid)) { |
| rv = EIO; |
| goto cleanup_f; |
| } |
| |
| *res = pw; |
| cleanup_f: |
| fclose(f); |
| goto done; |
| } |
| |
| done: |
| if (rv) |
| errno = rv; |
| return rv; |
| } |
