[Pkg-shadow-commits] r2789 - in upstream/trunk: . libmisc
Nicolas FRANÇOIS
nekral-guest at alioth.debian.org
Fri Apr 24 22:56:42 UTC 2009
Author: nekral-guest
Date: 2009-04-24 22:56:42 +0000 (Fri, 24 Apr 2009)
New Revision: 2789
Modified:
upstream/trunk/ChangeLog
upstream/trunk/libmisc/limits.c
Log:
* libmisc/limits.c: Parse the limits, umask, nice, maxlogin, file
limit with getlog() / getulong(). This also means, in case of
non-PAM enabled systems, that the umask specified on the GECOS
fields should start with a 0 if specified in octal. (it used to be
force to octal). Do the appropriate cast and range checking.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2009-04-24 22:49:20 UTC (rev 2788)
+++ upstream/trunk/ChangeLog 2009-04-24 22:56:42 UTC (rev 2789)
@@ -1,5 +1,13 @@
2009-04-25 Nicolas François <nicolas.francois at centraliens.net>
+ * libmisc/limits.c: Parse the limits, umask, nice, maxlogin, file
+ limit with getlog() / getulong(). This also means, in case of
+ non-PAM enabled systems, that the umask specified on the GECOS
+ fields should start with a 0 if specified in octal. (it used to be
+ force to octal). Do the appropriate cast and range checking.
+
+2009-04-25 Nicolas François <nicolas.francois at centraliens.net>
+
* libmisc/salt.c: In case gettimeofday() fails, get some entropy
from the PID.
Modified: upstream/trunk/libmisc/limits.c
===================================================================
--- upstream/trunk/libmisc/limits.c 2009-04-24 22:49:20 UTC (rev 2788)
+++ upstream/trunk/libmisc/limits.c 2009-04-24 22:56:42 UTC (rev 2789)
@@ -65,22 +65,22 @@
* multiplier - value*multiplier is the actual limit
*/
static int
-setrlimit_value (unsigned int rlimit, const char *value,
+setrlimit_value (unsigned int resource, const char *value,
unsigned int multiplier)
{
struct rlimit rlim;
long limit;
- char **endptr = (char **) &value;
- const char *value_orig = value;
- limit = strtol (value, endptr, 10);
- if ((0 == limit) && (value_orig == *endptr)) { /* no chars read */
+ if (getlong (value, &limit) == 0) {
return 0;
}
limit *= multiplier;
- rlim.rlim_cur = limit;
- rlim.rlim_max = limit;
- if (setrlimit (rlimit, &rlim) != 0) {
+ if (limit != (rlim_t) limit) {
+ return 0;
+ }
+ rlim.rlim_cur = (rlim_t) limit;
+ rlim.rlim_max = (rlim_t) limit;
+ if (setrlimit (resource, &rlim) != 0) {
return LOGIN_ERROR_RLIMIT;
}
return 0;
@@ -105,14 +105,14 @@
static int set_umask (const char *value)
{
- mode_t mask;
- char **endptr = (char **) &value;
+ unsigned long int mask;
- mask = strtol (value, endptr, 8) & 0777;
- if ((0 == mask) && (value == *endptr)) {
+ if ( (getulong (value, &mask) == 0)
+ || (mask != (mode_t) mask)) {
return 0;
}
- (void) umask (mask);
+
+ (void) umask ((mode_t) mask);
return 0;
}
@@ -125,12 +125,9 @@
#else
struct utmp *ut;
#endif
- unsigned int limit, count;
- char **endptr = (char **) &maxlogins;
- const char *ml_orig = maxlogins;
+ unsigned long limit, count;
- limit = strtol (maxlogins, endptr, 10);
- if ((0 == limit) && (ml_orig == *endptr)) { /* no chars read */
+ if (getulong (maxlogins, &limit) == 0) {
return 0;
}
@@ -396,7 +393,7 @@
static void setup_usergroups (const struct passwd *info)
{
const struct group *grp;
- mode_t oldmask;
+ mode_t tmpmask;
/*
* if not root, and UID == GID, and username is the same as primary
@@ -408,8 +405,9 @@
grp = getgrgid (info->pw_gid);
if ( (NULL != grp)
&& (strcmp (info->pw_name, grp->gr_name) == 0)) {
- oldmask = umask (0777);
- (void) umask ((oldmask & ~070) | ((oldmask >> 3) & 070));
+ tmpmask = umask (0777);
+ tmpmask = (tmpmask & ~070) | ((tmpmask >> 3) & 070);
+ (void) umask (tmpmask);
}
}
}
@@ -421,8 +419,6 @@
void setup_limits (const struct passwd *info)
{
char *cp;
- int i;
- long l;
if (getdef_bool ("USERGROUPS_ENAB")) {
setup_usergroups (info);
@@ -451,22 +447,28 @@
}
if (strncmp (cp, "pri=", 4) == 0) {
- i = atoi (cp + 4);
- if ((i >= -20) && (i <= 20)) {
+ long int inc;
+ if ( (getlong (cp + 4, &inc) == 1)
+ && (inc >= -20) && (inc <= 20)) {
errno = 0;
- if ( (nice (i) == -1)
- && (0 != errno)) {
- SYSLOG ((LOG_WARN,
- "Can't set the nice value for user %s",
- info->pw_name));
+ if ( (nice ((int) inc) != -1)
+ || (0 != errno)) {
+ continue;
}
}
+ /* Failed to parse or failed to nice() */
+ SYSLOG ((LOG_WARN,
+ "Can't set the nice value for user %s",
+ info->pw_name));
+
continue;
}
if (strncmp (cp, "ulimit=", 7) == 0) {
- l = strtol (cp + 7, (char **) 0, 10);
- if (set_filesize_limit (l) != 0) {
+ long int blocks;
+ if ( (getlong (cp + 7, &blocks) == 0)
+ || (blocks != (int) blocks)
+ || (set_filesize_limit ((int) blocks) != 0)) {
SYSLOG ((LOG_WARN,
"Can't set the ulimit for user %s",
info->pw_name));
@@ -474,8 +476,15 @@
continue;
}
if (strncmp (cp, "umask=", 6) == 0) {
- i = strtol (cp + 6, (char **) 0, 8) & 0777;
- (void) umask (i);
+ unsigned long int mask;
+ if ( (getulong (cp + 6, &mask) == 0)
+ || (mask != (mode_t) mask)) {
+ SYSLOG ((LOG_WARN,
+ "Can't set umask value for user %s",
+ info->pw_name));
+ } else {
+ (void) umask ((mode_t) mask);
+ }
continue;
}
More information about the Pkg-shadow-commits
mailing list