[PATCH] fix addgroup command line parsing -- now RFC

Tito farmatito at tiscali.it
Sun Jul 29 22:11:18 UTC 2007


On Sunday 29 July 2007 16:27:23 Tito wrote:
> Hi,
> 
> addgroup actually does:
> 
> addgroup   group
> addgroup   -g num group
> addgroup   user group
> 
> so:
> 
> addgroup -g num user group
> 
> should not be permitted.
> This patch fixes the problem for me.
> 
> diff -uN loginutils/addgroup.c.orig loginutils/addgroup.c
> --- loginutils/addgroup.c.orig  2007-05-30 14:41:30.000000000 +0200
> +++ loginutils/addgroup.c       2007-07-29 16:22:50.000000000 +0200
> @@ -148,6 +148,10 @@
>         if (argc == 2) {
>                 struct group *gr;
> 
> +               /* There was -g on the commandline: error out */
> +               if (gid)
> +                       bb_show_usage();
> +
>                 /* check if group and user exist */
>                 xuname2uid(argv[0]); /* unknown user: exit */
>                 xgroup2gid(argv[1]); /* unknown group: exit */
> 
> 
> Only little tested.
> Please apply if you like it.
> 
> Ciao,
> Tito
> 
> 

BTW:

as gid_t gid  = 0 has a special meaning as flag in addgroup.c
(in the xgroup_study function) maybe we should change:

	gid = xatoul_range(group, 0, (gid_t)ULONG_MAX);
to
	gid = xatoul_range(group, 1, (gid_t)ULONG_MAX); 

so that -g 0 is forbidden.
OTOH setting the default value gid_t gid = -1
could also do the trick, but needs some minor 
changes in the code. In this case -g 0 would be 
a legal option. Hints?

Ciao,
Tito





More information about the busybox mailing list