[PATCH] find: implement -nouser, -nogroup

Kang-Che Sung explorer09 at gmail.com
Sun Jan 29 07:56:59 UTC 2023


On Sunday, January 29, 2023, David Leonard <
d+busybox at adaptive-enterprises.com> wrote:
>
> Resending patch for 'find -nouser', 'find -nogroup'. Refreshed bloatcheck
>
> Subject: [PATCH] find: implement -nouser, -nogroup
>
> https://pubs.opengroup.org/onlinepubs/9699919799/utilities/find.html
>
>   -nouser
>     The primary shall evaluate as true if the file belongs to a user ID
>     for which the getpwuid() function defined in the System Interfaces
>     volume of POSIX.1-2017 (or equivalent) returns NULL.
>
>   -nogroup
>     The primary shall evaluate as true if the file belongs to a group ID
>     for which the getgrgid() function defined in the System Interfaces
>     volume of POSIX.1-2017 (or equivalent) returns NULL.
>
> function                                             old     new   delta
> parse_params                                        1811    1845     +34
> func_nouser                                            -      24     +24
> func_nogroup                                           -      24     +24
> static.params                                        275     292     +17
> .rodata                                           100767  100775      +8
> packed_usage                                       34553   34541     -12
>
------------------------------------------------------------------------------
> (add/remove: 2/0 grow/shrink: 3/1 up/down: 107/-12)            Total: 95
bytes
>    text    data     bss     dec     hex filename
> 1064435   16587    1816 1082838  1085d6 busybox_old
> 1064530   16587    1816 1082933  108635 busybox_unstripped
> ---
>  findutils/find.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 46 insertions(+)
>
> diff --git a/findutils/find.c b/findutils/find.c
> index 40f66ab2e..2a0a867e3 100644
> --- a/findutils/find.c
> +++ b/findutils/find.c
> @@ -197,6 +197,16 @@
>  //config:      default y
>  //config:      depends on FIND
>  //config:
> +//config:config FEATURE_FIND_NOUSER
> +//config:      bool "Enable -nouser matching"
> +//config:      default y
> +//config:      depends on FIND
> +//config:
> +//config:config FEATURE_FIND_NOGROUP
> +//config:      bool "Enable -nogroup matching"
> +//config:      default y
> +//config:      depends on FIND
> +//config:
>  //config:config FEATURE_FIND_NOT
>  //config:      bool "Enable the 'not' (!) operator"
>  //config:      default y
> @@ -373,6 +383,12 @@
>  //usage:       IF_FEATURE_FIND_GROUP(
>  //usage:     "\n       -group NAME/ID  File is owned by given group"
>  //usage:       )
> +//usage:       IF_FEATURE_FIND_NOUSER(
> +//usage:     "\n       -nouser         File is owned by unknown uid"
> +//usage:       )
> +//usage:       IF_FEATURE_FIND_NOGROUP(
> +//usage:     "\n       -nogroup        File is owned by unknown gid"
> +//usage:       )
>  //usage:       IF_FEATURE_FIND_SIZE(
>  //usage:     "\n       -size N[bck]    File size is N
(c:bytes,k:kbytes,b:512 bytes(def.))"
>  //usage:     "\n                       +/-N: file size is bigger/smaller
than N"
> @@ -466,6 +482,8 @@ IF_FEATURE_FIND_NEWER(  ACTS(newer, time_t
newer_mtime;))
>  IF_FEATURE_FIND_INUM(   ACTS(inum,  ino_t inode_num;))
>  IF_FEATURE_FIND_SAMEFILE(ACTS(samefile, ino_t inode_num; dev_t device;))
>  IF_FEATURE_FIND_USER(   ACTS(user,  uid_t uid;))
> +IF_FEATURE_FIND_NOUSER( ACTS(nouser))
> +IF_FEATURE_FIND_NOUSER( ACTS(nogroup))

Typo. (Should be IF_FEATURE_FIND_NOGROUP)

>  IF_FEATURE_FIND_SIZE(   ACTS(size,  char size_char; off_t size;))
>  IF_FEATURE_FIND_CONTEXT(ACTS(context, security_context_t context;))
>  IF_FEATURE_FIND_PAREN(  ACTS(paren, action ***subexpr;))
> @@ -891,6 +909,18 @@ ACTF(group)
>         return (statbuf->st_gid == ap->gid);
>  }
>  #endif
> +#if ENABLE_FEATURE_FIND_NOUSER
> +ACTF(nouser)
> +{
> +       return !getpwuid(statbuf->st_uid);
> +}

I think there is a logic hole here.
getpwuid may return a NULL pointer on an error that's not "UID not found in
database".
Although your logic written like this conforms to POSIX, I don't know
whether in practice this would bring in security risk.

> +#endif
> +#if ENABLE_FEATURE_FIND_NOGROUP
> +ACTF(nogroup)
> +{
> +       return !getgrgid(statbuf->st_gid);
> +}

Same problem as above (getgrgid may return NULL on an error other than "not
found")

> +#endif
>  #if ENABLE_FEATURE_FIND_PRINT0
>  ACTF(print0)
>  {
> @@ -1144,6 +1174,8 @@ static action*** parse_params(char **argv)
>         IF_FEATURE_FIND_QUIT(   PARM_quit      ,)
>         IF_FEATURE_FIND_DELETE( PARM_delete    ,)
>         IF_FEATURE_FIND_EMPTY(  PARM_empty     ,)
> +       IF_FEATURE_FIND_NOUSER( PARM_nouser    ,)
> +       IF_FEATURE_FIND_NOGROUP(PARM_nogroup   ,)
>         IF_FEATURE_FIND_EXEC(   PARM_exec      ,)
>         IF_FEATURE_FIND_EXEC_OK(PARM_ok        ,)
>         IF_FEATURE_FIND_EXECUTABLE(PARM_executable,)
> @@ -1196,6 +1228,8 @@ static action*** parse_params(char **argv)
>         IF_FEATURE_FIND_QUIT(   "-quit\0"  )
>         IF_FEATURE_FIND_DELETE( "-delete\0" )
>         IF_FEATURE_FIND_EMPTY(  "-empty\0"  )
> +       IF_FEATURE_FIND_NOUSER( "-nouser\0"   )
> +       IF_FEATURE_FIND_NOGROUP("-nogroup\0"  )
>         IF_FEATURE_FIND_EXEC(   "-exec\0"   )
>         IF_FEATURE_FIND_EXEC_OK("-ok\0"     )
>         IF_FEATURE_FIND_EXECUTABLE("-executable\0")
> @@ -1594,6 +1628,18 @@ static action*** parse_params(char **argv)
>                                 ap->gid = xgroup2gid(arg1);
>                 }
>  #endif
> +#if ENABLE_FEATURE_FIND_NOUSER
> +               else if (parm == PARM_nouser) {
> +                       dbg("%d", __LINE__);
> +                       (void) ALLOC_ACTION(nouser);
> +               }
> +#endif
> +#if ENABLE_FEATURE_FIND_NOGROUP
> +               else if (parm == PARM_nogroup) {
> +                       dbg("%d", __LINE__);
> +                       (void) ALLOC_ACTION(nogroup);
> +               }
> +#endif
>  #if ENABLE_FEATURE_FIND_SIZE
>                 else if (parm == PARM_size) {
>  /* -size n[bckw]: file uses n units of space
> --
> 2.34.1
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/busybox/attachments/20230129/d4b8791c/attachment.html>


More information about the busybox mailing list