enforce maxlength in usernames (was: [PATCH] enforce maxlenght in usernames)
Tito
farmatito at tiscali.it
Thu Jul 28 12:12:17 UTC 2011
On Thursday 28 July 2011 07:33:10 Lauri Kasanen wrote:
> > Hi,
> > Could this be more acceptable. Could be improved by removing
> > the double strlen also the error message could be better.
> > Just to see if I overlooked something obvious.
> >
> > Ciao,
> > Tito
> >
> > void FAST_FUNC die_if_bad_username(const char *name)
> > {
> > /* Enforce length limits on usernames.
> > * LOGIN_NAME_MAX: Maximum length of a login name,
> > * including the terminating null byte.
> > * Must not be less than _POSIX_LOGIN_NAME_MAX (9).
> > */
> > if (!name
> > || strlen(name) + 1 > sysconf(_SC_LOGIN_NAME_MAX)
> > || strlen(name) + 1 < _POSIX_LOGIN_NAME_MAX
>
> That is no minimum, it's a minimum of the maximum. Consider names like
> "root", "lp".
>
> - Lauri
>
>
OK, I see. One more try. Eventually we could substitute LOGIN_NAME_MAX
with 64 as suggested or with 32 as in man useradd. Hints
for a better error message are welcome.
Ciao,
Tito
void FAST_FUNC die_if_bad_username(const char *name)
{
/* Enforce length limits on usernames.
* LOGIN_NAME_MAX: Maximum length of a login name,
* including the terminating null byte.
* Must not be less than _POSIX_LOGIN_NAME_MAX (9).
*/
if (!name /* Not NULL */
|| !*name /* at least one char */
/* maximum: LOGIN_NAME_MAX or _POSIX_LOGIN_NAME_MAX if bigger */
|| strlen(name) + 1 > MAX(sysconf(_SC_LOGIN_NAME_MAX), _POSIX_LOGIN_NAME_MAX)
)
bb_error_msg_and_die("illegal name length");
/* 1st char being dash or dot isn't valid: */
goto skip;
/* For example, name like ".." can make adduser
* chown "/home/.." recursively - NOT GOOD
*/
do {
if (*name == '-' || *name == '.')
continue;
skip:
if (isalnum(*name)
|| *name == '_'
|| *name == '@'
|| (*name == '$' && !name[1])
) {
continue;
}
bb_error_msg_and_die("illegal character '%c'", *name);
} while (*++name);
}
More information about the busybox
mailing list