Fix acl_from_text(3) - and, therefore, setfacl(1) - for user and group

names names starting with a digit.

MFC after:	1 month

3 files changed, 10 insertions, 40 deletions

diff --git a/lib/libc/posix1e/acl_from_text.c b/lib/libc/posix1e/acl_from_text.c
index b6f6f60..7f15463 100644
--- a/lib/libc/posix1e/acl_from_text.c
+++ b/lib/libc/posix1e/acl_from_text.c
@@ -44,7 +44,6 @@ __FBSDID("$FreeBSD$");
 
 #include "acl_support.h"
 
-static int _posix1e_acl_name_to_id(acl_tag_t tag, char *name, uid_t *id);
 static acl_tag_t acl_string_to_tag(char *tag, char *qualifier);
 
 int _nfs4_acl_entry_from_text(acl_t aclp, char *entry);
@@ -148,8 +147,7 @@ _posix1e_acl_entry_from_text(acl_t aclp, char *entry)
 
 		case ACL_USER:
 		case ACL_GROUP:
-			error = _posix1e_acl_name_to_id(t, qualifier,
-					&id);
+			error = _acl_name_to_id(t, qualifier, &id);
 			if (error == -1)
 				return (-1);
 			break;
@@ -272,8 +270,8 @@ error_label:
  * XXX USES *PW* AND *GR* WHICH ARE STATEFUL AND THEREFORE THIS ROUTINE
  * MAY HAVE SIDE-EFFECTS
  */
-static int
-_posix1e_acl_name_to_id(acl_tag_t tag, char *name, uid_t *id)
+int
+_acl_name_to_id(acl_tag_t tag, char *name, uid_t *id)
 {
 	struct group	*g;
 	struct passwd	*p;
diff --git a/lib/libc/posix1e/acl_from_text_nfs4.c b/lib/libc/posix1e/acl_from_text_nfs4.c
index 12bfb4e..5a0b36a 100644
--- a/lib/libc/posix1e/acl_from_text_nfs4.c
+++ b/lib/libc/posix1e/acl_from_text_nfs4.c
@@ -79,16 +79,14 @@ parse_tag(const char *str, acl_entry_t entry, int *need_qualifier)
 /*
  * Parse the qualifier field of ACL entry passed as "str".
  * If user or group name cannot be resolved, then the variable
- * referenced by "need_qualifier" is set to 1.
+ * referenced by "need_qualifier" is set to 1; it will be checked
+ * later to figure out whether the appended_id is required.
  */
 static int
 parse_qualifier(char *str, acl_entry_t entry, int *need_qualifier)
 {
 	int qualifier_length, error;
-	id_t id;
-	char *end;
-	struct passwd *pwd;
-	struct group *grp;
+	uid_t id;
 	acl_tag_t tag;
 
 	assert(need_qualifier != NULL);
@@ -101,44 +99,17 @@ parse_qualifier(char *str, acl_entry_t entry, int *need_qualifier)
 		return (-1);
 	}
 
-	/* XXX: Can we assume that valid username never begins with a digit? */
-	if (isdigit(str[0])) {
-		id = strtod(str, &end);
-
-		if (end - str != qualifier_length) {
-			warnx("malformed ACL: trailing characters "
-			    "after numerical id");
-			return (-1);
-		}
-
-		return (acl_set_qualifier(entry, &id));
-	}
-
 	error = acl_get_tag_type(entry, &tag);
 	if (error)
 		return (error);
 
-	assert(tag == ACL_USER || tag == ACL_GROUP);
-
-	if (tag == ACL_USER) {
-		/* XXX: Thread-unsafe. */
-		pwd = getpwnam(str);
-		if (pwd == NULL) {
-			*need_qualifier = 1;
-			return (0);
-		}
-
-		return (acl_set_qualifier(entry, &(pwd->pw_uid)));
-	}
-
-	/* XXX: Thread-unsafe. */
-	grp = getgrnam(str);
-	if (grp == NULL) {
+	error = _acl_name_to_id(tag, str, &id);
+	if (error) {
 		*need_qualifier = 1;
 		return (0);
 	}
 
-	return (acl_set_qualifier(entry, &(grp->gr_gid)));
+	return (acl_set_qualifier(entry, &id));
 }
 
 static int
diff --git a/lib/libc/posix1e/acl_support.h b/lib/libc/posix1e/acl_support.h
index 8f7dfed..11fa29b 100644
--- a/lib/libc/posix1e/acl_support.h
+++ b/lib/libc/posix1e/acl_support.h
@@ -61,5 +61,6 @@ int	_posix1e_acl_add_entry(acl_t acl, acl_tag_t tag, uid_t id,
 	    acl_perm_t perm);
 char	*string_skip_whitespace(char *string);
 void	string_trim_trailing_whitespace(char *string);
+int	_acl_name_to_id(acl_tag_t tag, char *name, uid_t *id);
 
 #endif