Gitiles
Code Review Sign In
gerrit.nordix.org / codeaurora / busybox / 072313162870e9675c3e6f346a804a324a907f93 / . / libbb / die_if_bad_username.c
blob: d05dc74c52a33c224c2f557bd038216401f0a541 [file] [log] [blame]
Denis Vlasenkodd5702d2008-03-19 23:15:55 +0000[diff] [blame]1/* vi: set sw=4 ts=4: */
2/*
Denis Vlasenko70c6e402009-03-31 13:14:18 +0000[diff] [blame]3 * Check user and group names for illegal characters
Denis Vlasenkodd5702d2008-03-19 23:15:55 +0000[diff] [blame]4 *
5 * Copyright (C) 2008 Tito Ragusa <farmatito@tiscali.it>
6 *
Denys Vlasenko0ef64bd2010-08-16 20:14:46 +0200[diff] [blame]7 * Licensed under GPLv2 or later, see file LICENSE in this source tree.
Denis Vlasenkodd5702d2008-03-19 23:15:55 +0000[diff] [blame]8 */
Denis Vlasenkodd5702d2008-03-19 23:15:55 +0000[diff] [blame]9#include "libbb.h"
10
Denys Vlasenko07231312020-12-17 11:22:44 +0100[diff] [blame^]11#ifndef LOGIN_NAME_MAX
12#define LOGIN_NAME_MAX 256
13#endif
14
Denis Vlasenkodd5702d2008-03-19 23:15:55 +0000[diff] [blame]15/* To avoid problems, the username should consist only of
16 * letters, digits, underscores, periods, at signs and dashes,
17 * and not start with a dash (as defined by IEEE Std 1003.1-2001).
18 * For compatibility with Samba machine accounts $ is also supported
19 * at the end of the username.
20 */
21
Denis Vlasenkodefc1ea2008-06-27 02:52:20 +0000[diff] [blame]22void FAST_FUNC die_if_bad_username(const char *name)
Denis Vlasenkodd5702d2008-03-19 23:15:55 +0000[diff] [blame]23{
Denys Vlasenko74850862011-08-09 04:05:13 +0200[diff] [blame]24 const char *start = name;
25
26 /* 1st char being dash or dot isn't valid:
27 * for example, name like ".." can make adduser
28 * chown "/home/.." recursively - NOT GOOD.
29 * Name of just a single "$" is also rejected.
Denys Vlasenkocb7edc22010-02-06 21:50:59 +0100[diff] [blame]30 */
Denys Vlasenko74850862011-08-09 04:05:13 +0200[diff] [blame]31 goto skip;
Denys Vlasenkocb7edc22010-02-06 21:50:59 +0100[diff] [blame]32
Denis Vlasenkodd5702d2008-03-19 23:15:55 +0000[diff] [blame]33 do {
Denys Vlasenko74850862011-08-09 04:05:13 +0200[diff] [blame]34 unsigned char ch;
35
36 /* These chars are valid unless they are at the 1st pos: */
37 if (*name == '-'
38 || *name == '.'
39 /* $ is allowed if it's the last char: */
Denys Vlasenkocb7edc22010-02-06 21:50:59 +0100[diff] [blame]40 || (*name == '$' && !name[1])
Denis Vlasenko104d5442008-03-19 23:25:00 +0000[diff] [blame]41 ) {
42 continue;
43 }
Denys Vlasenko74850862011-08-09 04:05:13 +0200[diff] [blame]44 skip:
45 ch = *name;
46 if (ch == '_'
47 /* || ch == '@' -- we disallow this too. Think about "user@host" */
48 /* open-coded isalnum: */
49 || (ch >= '0' && ch <= '9')
50 || ((ch|0x20) >= 'a' && (ch|0x20) <= 'z')
51 ) {
52 continue;
53 }
54 bb_error_msg_and_die("illegal character with code %u at position %u",
55 (unsigned)ch, (unsigned)(name - start));
Denis Vlasenkodd5702d2008-03-19 23:15:55 +0000[diff] [blame]56 } while (*++name);
Denys Vlasenko74850862011-08-09 04:05:13 +0200[diff] [blame]57
58 /* The minimum size of the login name is one char or two if
59 * last char is the '$'. Violations of this are caught above.
60 * The maximum size of the login name is LOGIN_NAME_MAX
61 * including the terminating null byte.
62 */
63 if (name - start >= LOGIN_NAME_MAX)
James Byrne69374872019-07-02 11:35:03 +0200[diff] [blame]64 bb_simple_error_msg_and_die("name is too long");
Denis Vlasenkodd5702d2008-03-19 23:15:55 +0000[diff] [blame]65}