diff options
| author | wpaul <wpaul@FreeBSD.org> | 1996-10-22 03:53:06 +0000 |
|---|---|---|
| committer | wpaul <wpaul@FreeBSD.org> | 1996-10-22 03:53:06 +0000 |
| commit | 66f320435d6b1ff226eb8acc713050ee757b42a8 (patch) | |
| tree | 46ab3663b5efcea49fbaf831432de4c22a97366a | |
| parent | eea42f60d41405cc61e36dd30dbffc44c806f899 (diff) | |
| download | FreeBSD-src-66f320435d6b1ff226eb8acc713050ee757b42a8.zip FreeBSD-src-66f320435d6b1ff226eb8acc713050ee757b42a8.tar.gz | |
Since rpc.yppasswdd(8) also supports adding entries to the
/var/yp/master.passwd template file and it uses the same kind of code
as chpass(1), it may also be vulnerable to the bug from PR #1519.
May as well deal with it since I'm in the area. (yppasswdd in -stable
doesn't do additions, therefore it shouldn't be have this problem.)
| -rw-r--r-- | usr.sbin/rpc.yppasswdd/pw_copy.c | 33 |
1 files changed, 25 insertions, 8 deletions
diff --git a/usr.sbin/rpc.yppasswdd/pw_copy.c b/usr.sbin/rpc.yppasswdd/pw_copy.c index 54ab746..449057c 100644 --- a/usr.sbin/rpc.yppasswdd/pw_copy.c +++ b/usr.sbin/rpc.yppasswdd/pw_copy.c @@ -56,6 +56,15 @@ pw_copy(ffd, tfd, pw) FILE *from, *to; int done; char *p, buf[8192]; + char uidstr[20]; + char gidstr[20]; + char chgstr[20]; + char expstr[20]; + + snprintf(uidstr, sizeof(uidstr), "%d", pw->pw_uid); + snprintf(gidstr, sizeof(gidstr), "%d", pw->pw_gid); + snprintf(chgstr, sizeof(chgstr), "%ld", pw->pw_change); + snprintf(expstr, sizeof(expstr), "%ld", pw->pw_expire); if (!(from = fdopen(ffd, "r"))) { pw_error(passfile, 1, 1); @@ -90,20 +99,28 @@ pw_copy(ffd, tfd, pw) goto err; continue; } - (void)fprintf(to, "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s\n", - pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid, - pw->pw_class, pw->pw_change, pw->pw_expire, pw->pw_gecos, - pw->pw_dir, pw->pw_shell); + (void)fprintf(to, "%s:%s:%s:%s:%s:%s:%s:%s:%s:%s\n", + pw->pw_name, pw->pw_passwd, + pw->pw_fields & _PWF_UID ? uidstr : "", + pw->pw_fields & _PWF_GID ? gidstr : "", + pw->pw_class, + pw->pw_fields & _PWF_CHANGE ? chgstr : "", + pw->pw_fields & _PWF_EXPIRE ? expstr : "", + pw->pw_gecos, pw->pw_dir, pw->pw_shell); done = 1; if (ferror(to)) goto err; } if (!done) { if (allow_additions) { - (void)fprintf(to, "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s\n", - pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid, - pw->pw_class, pw->pw_change, pw->pw_expire, - pw->pw_gecos, pw->pw_dir, pw->pw_shell); + (void)fprintf(to, "%s:%s:%s:%s:%s:%s:%s:%s:%s:%s\n", + pw->pw_name, pw->pw_passwd, + pw->pw_fields & _PWF_UID ? uidstr : "", + pw->pw_fields & _PWF_GID ? gidstr : "", + pw->pw_class, + pw->pw_fields & _PWF_CHANGE ? chgstr : "", + pw->pw_fields & _PWF_EXPIRE ? expstr : "", + pw->pw_gecos, pw->pw_dir, pw->pw_shell); } else { yp_error("user \"%s\" not found in %s -- \ NIS maps and password file possibly out of sync", pw->pw_name, passfile); |
