enforce maxlength in usernames (was: [PATCH] enforce maxlenght in usernames)

Tito farmatito at tiscali.it
Wed Jul 27 21:12:38 UTC 2011


On Wednesday 27 July 2011 22:33:09 Matthias Andree wrote:
> On 27.07.2011 21:56, Tito wrote:
> 
> > Saying that it does not belong there is not enough, please tell me also
> > where it should be. Looked like a good place to me. In the same 
> > function we check for illegal chars in usernames. You should also take
> > into account that busybox does not support conf files for the adduser
> > applet. Eventually the value could be made a config option (so that it could be
> > changed) but it looks like bloat to me. Another way could be to add a define
> > to libbb.h
> > 
> > #define MAX_USERNAME_LENGTH 32
> 
> Alright, IEEE Std. 1003.1-2008 aka Single UNIX™ Specification v4 aka The
> Open Group Base Specifications Issue 7, already has corresponding
> definitions.
> 
> It's available for online reading free of charge after registration at
> http://pubs.opengroup.org/onlinepubs/9699919799/
> 
> Basically this standard has headers define LOGIN_NAME_MAX and
> _POSIX_LOGIN_NAME_MAX, in <limits.h> and <unistd.h>, respectively.
> These could be used, instead of inventing [y]our own.  Be sure to read
> up on getlogin(), unistd.h, limits.h, sysconf thereabouts in the
> standards before implementing; the latter _POSIX_ variant is the minimum
> acceptable length for LOGIN_NAME, including the \0 byte, and currently 9.
> 
> Inconsistencies will cause arbitrary malfunction, non-portability,
> maintenance headaches and possibly even in-system incompatibilities.
> Non-NUL terminated C strings are the least of your worries in that case.

Hi,
Could this be more acceptable? It could be improved by removing
the double strlen; also, the error message could be better.
Just to see if I overlooked something obvious.

Ciao,
Tito

void FAST_FUNC die_if_bad_username(const char *name)
{
	/* Enforce length limits on usernames. 
	 * LOGIN_NAME_MAX: Maximum length of a login name,
	 * including the terminating null byte.
	 * Must not be less than _POSIX_LOGIN_NAME_MAX (9).
	 */
	if (!name 
	 || strlen(name) + 1 > sysconf(_SC_LOGIN_NAME_MAX)
	 || strlen(name) + 1 < _POSIX_LOGIN_NAME_MAX
	)
		bb_error_msg_and_die("illegal name length");
	/* 1st char being dash or dot isn't valid: */
	goto skip;
	/* For example, name like ".." can make adduser
	 * chown "/home/.." recursively - NOT GOOD
	 */

	do {
		if (*name == '-' || *name == '.')
			continue;
 skip:
		if (isalnum(*name)
		 || *name == '_'
		 || *name == '@'
		 || (*name == '$' && !name[1])
		) {
			continue;
		}
		bb_error_msg_and_die("illegal character '%c'", *name);
	} while (*++name);
}
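
The check discussed in this message, as an added example that is not part of the original post and is not BusyBox code. It treats the sysconf() value only as an upper bound, because _POSIX_LOGIN_NAME_MAX is the smallest value the limit may take and not a minimum name length. The names check_username, login_name_limit and enum name_status are hypothetical, and a status is returned instead of calling bb_error_msg_and_die.

```c
#include <ctype.h>
#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#ifndef _POSIX_LOGIN_NAME_MAX
#define _POSIX_LOGIN_NAME_MAX 9  /* POSIX floor for LOGIN_NAME_MAX, incl. NUL */
#endif

enum name_status { NAME_OK, NAME_EMPTY, NAME_TOO_LONG, NAME_BAD_CHAR };

/* Limit in bytes, NUL included. sysconf() returns -1 when indeterminate;
 * using the POSIX floor then is this example's assumption, not the thread's. */
long login_name_limit(void)
{
	long max = sysconf(_SC_LOGIN_NAME_MAX);
	return max >= _POSIX_LOGIN_NAME_MAX ? max : _POSIX_LOGIN_NAME_MAX;
}

/* limit counts the NUL byte, so a name may hold at most limit - 1 chars. */
enum name_status check_username(const char *name, long limit)
{
	size_t len, i;
	if (!name || !*name)
		return NAME_EMPTY;
	len = strlen(name);                           /* measured once */
	if (limit < 1 || len > (size_t)limit - 1)
		return NAME_TOO_LONG;
	for (i = 0; i < len; i++) {
		unsigned char c = (unsigned char)name[i];
		if (isalnum(c) || c == '_' || c == '@')
			continue;
		if ((c == '-' || c == '.') && i > 0)  /* never as first char */
			continue;
		if (c == '$' && i == len - 1)         /* only as last char */
			continue;
		return NAME_BAD_CHAR;
	}
	return NAME_OK;
}

int main(void)
{
	const char *samples[] = { "root", "..", "-rf", "pc01$", "a$b" }; /* constructed */
	for (size_t i = 0; i < sizeof samples / sizeof *samples; i++)
		printf("%-6s -> %d\n", samples[i], check_username(samples[i], login_name_limit()));
	return 0;
}
```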

