[BusyBox] Patch for id with invalid username
Erik Andersen
andersen at lineo.com
Fri Jul 28 16:25:37 UTC 2000
On Thu Jul 27, 2000 at 04:43:44PM -0500, Ken Chalmers wrote:
> Here's a patch for id (requires patching id.c & utility.c) that allows
> it to detect and print an error if you give an invalid username. Note
> that because of the way the information is passed, if you ever have a
> user with a gid of (2^32)-1, they'll be told they don't exist.
> Unlikely that one will ever have 4 billion groups on an embedded
> system, though :)
>
> I don't even know if this kind of error checking is something people
> consider important, but it only adds a few bytes so I just figured I'd
> put it up for interest's sake.
>
> The patches are against the current (as of Jul 27 2000) CVS source.
>
> -Ken
>
> --
> Do not meddle in the affairs of dragons, cuz, like,
> you are crunchy and taste good with ketchup.
>
>
> --- busybox/id.c Thu Jul 27 16:29:00 2000
> +++ busybox.idpatch/id.c Thu Jul 27 16:22:23 2000
> @@ -71,6 +71,10 @@
> } else {
> group = xmalloc(9);
> gid = my_getpwnamegid(user);
> + if(gid == -1) {
> + fprintf(stderr, "id: %s: No such user\n", user);
> + return(1);
> + }
> my_getgrgid(group, gid);
> }
I've applied this, plus a few other cleanups. We were using malloc, rather
then calloc which could result in unterminated strings (and segfaults). Also,
error checking was lousy, so I moved your test and enhanced it a bit.
Could you poke at it now and see if you can make it misbehave?
-Erik
--
Erik B. Andersen email: andersen at lineo.com
--This message was written using 73% post-consumer electrons--
More information about the busybox
mailing list