From: nekral-guest Date: Fri, 22 Jul 2011 21:53:01 +0000 (+0000) Subject: * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Fail in case of X-Git-Tag: 4.1.5~151 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=275ffe2e01fc6ed9e8266448251aa8227895a825;p=shadow * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Fail in case of invalid configuration. * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Updated comments. * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Be more strict on the loop stop conditions. Stop if we passed the limit, even if the limit itself was never noticed. --- diff --git a/ChangeLog b/ChangeLog index 2c16e5ad..c7857eda 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,13 @@ +2011-07-22 Nicolas François + + * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Fail in case of + invalid configuration. + * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Updated + comments. + * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Be more strict + on the loop stop conditions. Stop if we passed the limit, even if + the limit itself was never noticed. + 2011-07-14 Nicolas François * man/po/fr.po: Fix some spacing issues due to configuration diff --git a/libmisc/find_new_gid.c b/libmisc/find_new_gid.c index 668782eb..f3496499 100644 --- a/libmisc/find_new_gid.c +++ b/libmisc/find_new_gid.c @@ -1,6 +1,6 @@ /* * Copyright (c) 1991 - 1994, Julianne Frances Haugh - * Copyright (c) 2008 - 2009, Nicolas François + * Copyright (c) 2008 - 2011, Nicolas François * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -65,6 +65,7 @@ int find_new_gid (bool sys_group, (void) fprintf (stderr, _("%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"), Prog, (unsigned long) gid_min, (unsigned long) gid_max); + return -1; } } else { gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL); @@ -74,6 +75,7 @@ int find_new_gid (bool sys_group, (void) fprintf (stderr, _("%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX (%lu)\n"), Prog, (unsigned long) gid_min, getdef_ulong ("GID_MIN", 1000UL), (unsigned long) gid_max); + return -1; } } used_gids = malloc (sizeof (bool) * (gid_max +1)); @@ -159,18 +161,19 @@ int find_new_gid (bool sys_group, } /* - * If a group with GID equal to GID_MAX exists, the above algorithm - * will give us GID_MAX+1 even if not unique. Search for the first - * free GID starting with GID_MIN. + * If a group (resp. system group) with GID equal to GID_MAX (resp. + * GID_MIN) exists, the above algorithm will give us GID_MAX+1 + * (resp. GID_MIN-1) even if not unique. Search for the first free + * GID starting with GID_MIN (resp. GID_MAX). */ if (sys_group) { - if (group_id == gid_min - 1) { + if (group_id < gid_min) { for (group_id = gid_max; group_id >= gid_min; group_id--) { if (false == used_gids[group_id]) { break; } } - if ( group_id < gid_min ) { + if (group_id < gid_min) { fprintf (stderr, _("%s: Can't get unique system GID (no more available GIDs)\n"), Prog); @@ -180,13 +183,13 @@ int find_new_gid (bool sys_group, } } } else { - if (group_id == gid_max + 1) { - for (group_id = gid_min; group_id < gid_max; group_id++) { + if (group_id > gid_max) { + for (group_id = gid_min; group_id <= gid_max; group_id++) { if (false == used_gids[group_id]) { break; } } - if (group_id == gid_max) { + if (group_id > gid_max) { fprintf (stderr, _("%s: Can't get unique GID (no more available GIDs)\n"), Prog); diff --git a/libmisc/find_new_uid.c b/libmisc/find_new_uid.c index 5ce013f8..31882055 100644 --- a/libmisc/find_new_uid.c +++ b/libmisc/find_new_uid.c @@ -1,6 +1,6 @@ /* * Copyright (c) 1991 - 1994, Julianne Frances Haugh - * Copyright (c) 2008 - 2009, Nicolas François + * Copyright (c) 2008 - 2011, Nicolas François * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -65,6 +65,7 @@ int find_new_uid (bool sys_user, (void) fprintf (stderr, _("%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"), Prog, (unsigned long) uid_min, (unsigned long) uid_max); + return -1; } } else { uid_min = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL); @@ -74,6 +75,7 @@ int find_new_uid (bool sys_user, (void) fprintf (stderr, _("%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX (%lu)\n"), Prog, (unsigned long) uid_min, getdef_ulong ("UID_MIN", 1000UL), (unsigned long) uid_max); + return -1; } } used_uids = malloc (sizeof (bool) * (uid_max +1)); @@ -159,12 +161,13 @@ int find_new_uid (bool sys_user, } /* - * If a user with UID equal to UID_MAX exists, the above algorithm - * will give us UID_MAX+1 even if not unique. Search for the first - * free UID starting with UID_MIN. + * If a user (resp. system user) with UID equal to UID_MAX (resp. + * UID_MIN) exists, the above algorithm will give us UID_MAX+1 + * (resp. UID_MIN-1) even if not unique. Search for the first free + * UID starting with UID_MIN (resp. UID_MAX). */ if (sys_user) { - if (user_id == uid_min - 1) { + if (user_id < uid_min) { for (user_id = uid_max; user_id >= uid_min; user_id--) { if (false == used_uids[user_id]) { break; @@ -180,13 +183,13 @@ int find_new_uid (bool sys_user, } } } else { - if (user_id == uid_max + 1) { - for (user_id = uid_min; user_id < uid_max; user_id++) { + if (user_id > uid_max) { + for (user_id = uid_min; user_id <= uid_max; user_id++) { if (false == used_uids[user_id]) { break; } } - if (user_id == uid_max) { + if (user_id > uid_max) { fprintf (stderr, _("%s: Can't get unique UID (no more available UIDs)\n"), Prog);